lazyParam is a simple automation tool with the implementation of multi-threading to check for hidden parameters. This tool is still in testing phase and more implementations are soon to be made. note: Works with python3
- Fuzz parameters for both GET and POST method
- Multi-threaded (Default: 4)
- Use intensive mode with character bypassing techniques
- Check for LFI, RCE and SSTI
- XSS checking
- Add examples to prove effectiveness
Fuzz parameters with build-in wordlists:
python3 lazyparam.py -u http://example.com/file.phpSpecify custom wordlists:
python3 lazyparam.py -u http://example.com/file.php -w wordlists.lst