Param Miner
A command-line tool that identifies and extracts parameters from HTTP requests and responses to assist with web application security testing and vulnerability assessment.
Free1,366
Free1,366
Param Miner
A command-line tool that identifies and extracts parameters from HTTP requests and responses to assist with web application security testing and vulnerability assessment.
Data verified May 2026
ADYour product here. Reach security decision-makers.Launch a campaignParam Miner Description
Param Miner is a command-line tool designed for identifying and extracting parameters from HTTP requests and responses during web application security testing. The tool scans HTTP traffic to discover hidden or undocumented parameters that may not be immediately visible through standard web application interfaces. This capability helps security professionals identify potential attack vectors and vulnerabilities that could be exploited through parameter manipulation. Param Miner operates by analyzing HTTP communications and extracting parameter data for further security analysis. The tool supports vulnerability assessment workflows by providing detailed parameter information that can reveal security weaknesses in web applications. The extracted parameter data can be used to identify potential security issues such as parameter pollution, hidden functionality, or unvalidated input fields that could lead to various web application vulnerabilities.
Param Miner FAQ
Common questions about Param Miner including features, pricing, alternatives, and user reviews.
Param Miner is A command-line tool that identifies and extracts parameters from HTTP requests and responses to assist with web application security testing and vulnerability assessment. It is a Vulnerability Management solution designed to help security teams with Web Security.
Param Miner is a free Vulnerability Management tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/PortSwigger/param-miner/ for download and installation instructions.
Popular alternatives to Param Miner include:
1.Novee AI Pentesting - AI-driven continuous penetration testing platform with automated remediation. (Commercial)
2.Tenzai - Agentic AI platform for continuous, autonomous penetration testing of enterprise apps. (Commercial)
3.Capture The Bug PTaaS - CREST-certified PTaaS platform for continuous web, API, and cloud pentesting. (Commercial)
4.GlitchSecure - Continuous DAST and real-time human-verified penetration testing for SaaS. (Commercial)
5.Red Specter POLTERGEIST - Autonomous web app pentest swarm with 10 agents and 55 attack vectors. (Commercial)
Compare these tools and more at https://cybersectools.com/categories/vulnerability-management
Param Miner is for security teams and organizations that need Web Security. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Vulnerability Management tools can be found at https://cybersectools.com/categories/vulnerability-management
Have more questions? Browse our categories or search for specific tools.
