macOS
brew install arjunlocal Homebrew formula metadata
安装
brew install arjunlocal Homebrew formula metadata
nix profile install nixpkgs#arjunnixpkgs package indexes · pkgs/by-name/ar/arjun/package.nix · 来源: api.github.com
概览
HTTP parameter discovery suite
历史
Arjun is an HTTP parameter discovery suite for reconnaissance and application-security testing. Its README describes the core job plainly: find valid query or body parameters for URL endpoints, using a large built-in parameter-name dictionary while trying to keep request counts low.
Arjun is maintained in the s0md3v/Arjun GitHub repository and distributed as a Python CLI. The official README positions it around practical web testing tasks: GET, POST, JSON, and XML request probing; timeout and rate-limit handling; output to Burp Suite, text, or JSON; and target import from files, Burp, or raw HTTP requests.
The project release stream visible from the official GitHub releases shows 1.x releases by 2018-2019, a 2.0 beta in 2020, and continued 2.2.x releases through 2024. The README's installation recommendation is pipx, with pip as a fallback for older Python environments.
The supplied package facts show Arjun packaged for Homebrew, Debian, Ubuntu, and Nix, which is typical for Python security tooling that becomes useful enough to install from OS and developer package managers rather than only from source.
Arjun's adoption niche is bug bounty, recon, and API testing workflows where hidden or undocumented parameters can change endpoint behavior. Its README credits Common Crawl, SecLists, Param Miner, and data-payloads as sources or relatives for the parameter wordlists, tying it to the broader web-security wordlist ecosystem.
The executable is arjun. Users normally point it at one URL or a list of targets, choose request methods and headers as needed, and export discovered parameters for later manual testing or Burp-centered workflows.
The official README does not document a persistent config file or credential store. Operationally, options are passed on the command line or through imported request/target files.
Arjun is package-nerdy because it turns a common recon step into a repeatable CLI primitive. It is small, Python-packaged, and easy to drop into Homebrew, distro packages, Nix shells, or security-tool images.
Its value is not a framework or scanner platform; it is the narrow, automatable act of parameter discovery. That narrowness is why it fits well beside tools like Burp, SecLists, Param Miner, ffuf, httpx, and other recon CLIs.
安全态势
没有找到 arjun 的匹配本地密钥处理 manifest。Nucleus 软件包元数据仍在此发布,以便未来覆盖拥有稳定的软件包 URL。
在无人值守的代理使用前,请检查该工具是否读取明文凭据、写入远程状态、发布制品或调用插件。
可执行文件
| 命令 | 类型 | 暴露范围 | 备注 |
|---|---|---|---|
arjun | cli | 全局可执行文件 |
新鲜度
这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时,才会提示版本落后。
https://github.com/s0md3v/Arjun
安装元数据
| 软件包键 | brew:arjun |
|---|---|
| 版本 | 2.2.7 |
| 软件包管理器 | Homebrew |
| 软件包管理器页面 | https://formulae.brew.sh/formula/arjun |
| 主页 | https://github.com/s0md3v/Arjun |
| 仓库 | https://github.com/s0md3v/Arjun |
| 上游文档 | https://github.com/s0md3v/Arjun#readme |
| 许可证 | AGPL-3.0-only |
| 源码归档 | https://files.pythonhosted.org/packages/04/22/c5b969720d2802de2248c2aac0414ee5ae234887cfe150564d591c73fb23/arjun-2.2.7.tar.gz |
| 最后更新 | 2026-06-22T10:12:13-04:00 |
| Pulse | updated |
| 依赖 | certifi, python@3.14 |
| Bottle | 可用 (于 all) |
| Homebrew post-install | 未定义 |
| 服务 | 未声明 |
注册表事实
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | arjun |
| Version Scheme | 0 |
| Revision | 7 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
源数据库匹配
匹配项来自外部软件包管理器索引,并与本地 Automic Vault 软件包链接分开显示。
arjun 2.2.7-1
HTTP parameter discovery suite
https://github.com/s0md3v/Arjun
sudo apt install arjunarjun
nix profile install nixpkgs#arjunarjun 2.2.1-2
HTTP parameter discovery suite
https://github.com/s0md3v/Arjun
sudo apt install arjun来源线索
此页面由 av-web 从 scripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。
View the package source record on GitHub.