🛠️ Arjun

Primary: 01 - Web Security

Secondary: 02 - Enumeration

Installation

Arjun is a tool designed to find hidden HTTP parameter.

sudo apt install arjun

Common Commands

CommandDescription
arjun -u <target_URL>Basic GET scan
arjun -u <target_URL> -w <wordlist>Scan against a custom wordlist
arjun -u <target_URL> -m POSTPOST request scan
arjun -u <target_URL> -m JSONScan with a JSON body
arjun -i targets.txtScan multiple targets
arjun -u <target_URL> --passiveQuery external databases for past parameters
arjun -u <target_URL> --stableDealing with rate-limiting by adding random delay
arjun -u <target_URL> --rate-limit <some_number>Limit the number of request per second
arjun -u <target_URL> --headers "Cookie: session=<...>; Authorization: <...>"Authenticated scanning
arjun -u <target_URL> -oJ results.jsonOutput into a json file

CTFs

FileCreated
BKSEC - Happy SoldierTuesday, February 17th 2026, 11:01:44 pm
BKSEC - Happy Soldier RevengeTuesday, February 17th 2026, 11:10:48 pm