Have you ever wondered how to scrape all the historical parameters of a domain and its subdomains without manually crawling the Wayback Machine? Good news, there is a solution! ParamSpider (https://github.com/devanshbatham/ParamSpider) is a new open-source tool that mines parameters from web archives without interacting with the target host. To find parameters, the tool uses various techniques and wordlists.
Installation and example run (requires Python 3.7+):
git clone https://github.com/devanshbatham/ParamSpider
cd ParamSpider
pip3 install -r requirements.txt
python3 paramspider.py --domain demo.com
The author of this tool also recommends filtering the "juicy" parameters out from the others using GF (https://github.com/tomnomnom/gf). GF is a wrapper around grep that saves you from typing common patterns. GF profiles are located in the path "/ParamSpider/tree/master/gf_profiles", such as redirect (for parameters potentially affected by open redirect or SSRF vulnerabilities), xss, wordpress and others.
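To show what mining parameters from archived URLs and then filtering them by name pattern amounts to when you audit your own domain, here is an added example; it is not ParamSpider's or GF's code. The URL list, the static-file filter and the redirect-style name pattern are constructed assumptions, not the contents of the gf_profiles directory.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample of archived URLs (demo.com is the page's example domain).
ARCHIVED_URLS = [
    "http://demo.com/login?next=/account&lang=en",
    "http://demo.com/login?next=/cart&lang=de",
    "http://shop.demo.com/item?id=42&ref=mail",
    "http://demo.com/out?url=http://example.org/",
    "http://demo.com/static/logo.png?v=3",
    "http://demo.com/about",
]

# Assumed patterns for illustration; not taken from the gf profiles.
REDIRECT_LIKE = re.compile(r"^(url|next|redirect|return|dest)", re.I)
STATIC_EXT = re.compile(r"\.(png|jpe?g|gif|css|js|svg|ico|woff2?)$", re.I)


def mine_parameters(urls):
    """Map (host, path) -> set of parameter names, skipping static files."""
    seen = defaultdict(set)
    for raw in urls:
        parts = urlsplit(raw)
        if not parts.query or STATIC_EXT.search(parts.path):
            continue  # nothing to mine, or a cache-busting asset URL
        for name, _ in parse_qsl(parts.query, keep_blank_values=True):
            seen[(parts.hostname, parts.path)].add(name)
    return dict(seen)


def flag_for_review(endpoints, pattern=REDIRECT_LIKE):
    """Return sorted (host, path, param) triples whose name matches pattern."""
    return sorted(
        (host, path, name)
        for (host, path), names in endpoints.items()
        for name in names
        if pattern.search(name)
    )


if __name__ == "__main__":
    endpoints = mine_parameters(ARCHIVED_URLS)
    for (host, path), names in sorted(endpoints.items()):
        print(f"{host}{path}: {', '.join(sorted(names))}")
    for host, path, name in flag_for_review(endpoints):
        print(f"review: {host}{path} parameter '{name}'")
```

Each flagged triple is a candidate for checking how your application validates that parameter's value, for example against an allow-list of redirect destinations.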