How to Use ParamSpider Tool — For Bug Bounty

3 min readMay 24, 2024


How to Use ParamSpider Tool — For Bug Bounty

In the world of bug bounty hunting, efficient and effective tools are essential for discovering vulnerabilities. One such tool that has gained popularity among bug bounty hunters is ParamSpider. This tool helps in extracting URLs with parameters from various sources, making it easier to identify potential points of exploitation. In this article, we’ll dive deep into how to use ParamSpider, its features, installation process, and practical examples.

What is ParamSpider?

ParamSpider is a versatile tool designed to find URLs with parameters from different sources such as web pages, JavaScript files, and APIs. By extracting these URLs, bug bounty hunters can focus on parameter-based vulnerabilities like Cross-Site Scripting (XSS), SQL Injection (SQLi), and Open Redirects.

Features of ParamSpider

  • Comprehensive URL Extraction: Extracts URLs with parameters from a variety of sources.
  • Customizable: Allows users to specify domains and customize search depth.
  • Integration: Can be integrated with other tools for automated scanning and testing.


Installing ParamSpider is straightforward. Follow these steps to get started:

  1. Clone the Repository:
git clone

2. Navigate to the Directory:

cd ParamSpider

3. Install the Required Dependencies:

pip3 install -r requirements.txt

Using ParamSpider

Once installed, you can start using ParamSpider to find URLs with parameters. Here are some common usage scenarios:

Basic Usage

To run ParamSpider for a specific domain, use the following command:

python3 -d

This command will extract URLs with parameters from the specified domain.

Customizing Search Depth

You can customize the depth of the search using the -l flag. For example, to set the search depth to 3:

python3 -d -l 3

Saving Output to a File

To save the extracted URLs to a file, use the -o flag:

python3 -d -o output.txt

Including Subdomains

If you want to include subdomains in your search, use the -s flag:

python3 -d -s

Practical Example

Let’s walk through a practical example of using ParamSpider for bug bounty hunting. Suppose you are targeting a website Here’s how you can use ParamSpider to extract URLs with parameters:

1. Run ParamSpider:

python3 -d -o urls.txt

2. Review the Output:

Open the urls.txt file to review the extracted URLs. Look for URLs with parameters that might be vulnerable to attacks.

3. Test for Vulnerabilities:

Use other tools like Burp Suite or OWASP ZAP to test these URLs for common vulnerabilities like XSS, SQLi, and Open Redirects.

Common Issues and Troubleshooting paramspider Follow This Blog:

ParamSpider is a powerful tool for bug bounty hunters, simplifying the process of finding parameterized URLs. By leveraging its features, you can streamline your vulnerability discovery process and enhance your bug bounty hunting efficiency. Remember to use this tool responsibly and ethically, adhering to the rules and guidelines of your target’s bug bounty program.