Linux command
x8 命令
网络
复制后可按需替换文件名、目录或参数。
常用示例
Find hidden parameters
x8 -u [https://example.com/page] -w [params.txt]
With custom headers
x8 -u [url] -w [wordlist] -H "[Cookie: value]"
Output to file
x8 -u [url] -w [wordlist] -o [output.txt]
Multiple URLs
x8 -l [urls.txt] -w [params.txt]
说明
x8 is a hidden parameter discovery tool for web applications used in authorized security testing and bug bounty research. It sends requests with candidate parameter names from a wordlist and analyzes responses to identify parameters that the application accepts but does not publicly document. The tool supports discovery through multiple HTTP methods including GET query parameters, POST body data, and HTTP headers. Concurrent request handling enables fast scanning, and multiple URLs can be processed from a file for batch testing.
参数
- -u _URL_
- Target URL.
- -l _FILE_
- URL list.
- -w _FILE_
- Parameter wordlist.
- -H _HEADER_
- Custom header.
- -o _FILE_
- Output file.
FAQ
What is the x8 command used for?
x8 is a hidden parameter discovery tool for web applications used in authorized security testing and bug bounty research. It sends requests with candidate parameter names from a wordlist and analyzes responses to identify parameters that the application accepts but does not publicly document. The tool supports discovery through multiple HTTP methods including GET query parameters, POST body data, and HTTP headers. Concurrent request handling enables fast scanning, and multiple URLs can be processed from a file for batch testing.
How do I run a basic x8 example?
Run `x8 -u [https://example.com/page] -w [params.txt]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -u _URL_ do in x8?
Target URL.