Suspicious Parameters

At DEFCON 31, JHaddix and Gunnar presented a talk titled SusParams, which covered their research on parameter names that frequently appear in findings for common vulnerability classes such as SQLi, SSRF, LFI, and others. This page simply breaks down the parameters observed in that research, grouped by vulnerability class, for reference.

Cross Site Scripting

path
admin
class
atb
redirect_uri
other
utm_source
host
currency
dir
title
endpoint
return_url
users
cookie
state
callback
militarybranch
href
e
referer
password
author
body
status
utm_campaign
value
text
search
x-forwarded-host
a
flaw
vote
pathname
user
t
utm_medium
q
onclick
email
what
file
onignoretag
__proto__
data-original
description
subject
action
u
nickname
color
language_id
auth
samlresponse
return
onmouseover
readyfunction
where
tags
cvo_sid
target
format
back
term
r
id
url
view
username
sequel
type
city
src
p
label
ctx
style
html
ad_type
onerror
s
issues
query
c
shop
redirect

Server-Side Template Injection

Server-Side Request Forgery

SQL Injection

Open Redirect

IDOR

File Inclusion

Debug

Command Injection

Resources
