x8_parameter_discovery
Discovers hidden parameters in web applications using x8 tool with enhanced logging for bug bounty security testing.
Instructions
Execute x8 for hidden parameter discovery with enhanced logging.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| additional_args | No | ||
| body | No | ||
| headers | No | ||
| method | No | GET | |
| url | Yes | ||
| wordlist | No | /usr/share/wordlists/seclists/Discovery/Web-Content/burp-parameter-names.txt |
Implementation Reference
- src/mcp_server/app.py:906-936 (handler)MCP server tool handler and registration for 'x8_parameter_discovery'. Proxies requests to the REST API endpoint /api/x8-parameter-discovery.@mcp.tool() def x8_parameter_discovery( url: str, wordlist: str = ( "/usr/share/wordlists/seclists/Discovery/Web-Content/" "burp-parameter-names.txt" ), method: str = "GET", body: str = "", headers: str = "", additional_args: str = "", ) -> dict[str, Any]: """Execute x8 for hidden parameter discovery with enhanced logging.""" data = { "url": url, "wordlist": wordlist, "method": method, "body": body, "headers": headers, "additional_args": additional_args, } logger.info(f"🔍 Starting x8 parameter discovery on {url}") result = api_client.safe_post("api/x8-parameter-discovery", data) if result.get("success"): logger.info(f"✅ x8 parameter discovery completed on {url}") else: logger.error("❌ x8 parameter discovery failed") return result
- REST API handler function 'execute_x8' that runs the x8 CLI tool, builds command, executes it, and parses output into structured findings.@tool(required_fields=["url"]) def execute_x8(): """Execute x8 for hidden parameter discovery.""" data = request.get_json() params = extract_x8_params(data) started_at = datetime.now() command = build_x8_command(params) execution_result = execute_command(command, timeout=params.get("timeout", 600)) ended_at = datetime.now() return parse_x8_output(execution_result, params, command, started_at, ended_at)
- Helper function to extract and default x8 tool parameters from incoming request data.def extract_x8_params(data: dict) -> dict: """Extract and organize x8 parameters from request data.""" return { "url": data["url"], "wordlist": data.get("wordlist", "/usr/share/wordlists/x8/params.txt"), "method": data.get("method", "GET"), "body": data.get("body", ""), "headers": data.get("headers", ""), "output_file": data.get("output_file", ""), "discover": data.get("discover", True), "learn": data.get("learn", False), "verify": data.get("verify", True), "max": data.get("max", 0), "workers": data.get("workers", 25), "as_body": data.get("as_body", False), "encode": data.get("encode", False), "force": data.get("force", False), "additional_args": data.get("additional_args", ""), "profile": data.get("profile", "standard"), "timeout": data.get("timeout", 600), "recon": data.get("recon", "full"), }
- Helper function to construct the x8 CLI command line arguments from parameters.def build_x8_command(params: dict) -> list[str]: """Build the x8 command from parameters.""" args = ["x8", "-u", params["url"]] # Add HTTP method if params.get("method"): args.extend(["-X", params["method"]]) # Add wordlist if params.get("wordlist"): args.extend(["-w", params["wordlist"]]) # Add body data if params.get("body"): args.extend(["-b", params["body"]]) # Add headers headers = params.get("headers") if headers: if isinstance(headers, str): args.extend(["-H", headers]) elif isinstance(headers, dict): for key, value in headers.items(): args.extend(["-H", f"{key}:{value}"]) # Add output file if params.get("output_file"): args.extend(["-o", params["output_file"]]) # Add workers (concurrency) workers = params.get("workers", 25) if workers > 1: args.extend(["-c", str(workers)]) # Add max parameters per request max_params = params.get("max", 0) if max_params > 0: args.extend(["-m", str(max_params)]) # Add boolean flags if params.get("verify"): args.append("--verify") if params.get("encode"): args.append("--encode") if params.get("force"): args.append("--force") if params.get("as_body"): args.append("--invert") if params.get("learn"): args.append("--learn") if params.get("recon"): args.append("--recon") # Add additional args if provided if params.get("additional_args"): args.extend(params["additional_args"].split()) return args
- Helper function to parse x8 tool output, extract discovered parameters, and format into standardized findings structure.def parse_x8_output( execution_result: dict[str, Any], params: dict, command: list[str], started_at: datetime, ended_at: datetime, ) -> dict[str, Any]: """Parse x8 execution results into structured findings.""" duration_ms = int((ended_at - started_at).total_seconds() * 1000) if not execution_result["success"]: return { "success": False, "tool": "x8", "params": params, "command": command, "started_at": started_at.isoformat(), "ended_at": ended_at.isoformat(), "duration_ms": duration_ms, "error": execution_result.get("error", "Command execution failed"), "findings": [], "stats": {"findings": 0, "dupes": 0, "payload_bytes": 0}, } # Parse successful output stdout = execution_result.get("stdout", "") findings = [] # Extract discovered parameters from output for line in stdout.strip().split("\n"): line = line.strip() if not line: continue param_info = _extract_parameter_from_line(line) if param_info: finding = { "type": "parameter", "target": param_info.get("name", line), "evidence": { "raw_output": line, "method": param_info.get("method", "GET"), "discovery_method": "brute_force", }, "severity": "info", "confidence": param_info.get("confidence", "medium"), "tags": ["x8", "parameter-discovery"], "raw_ref": line, } findings.append(finding) payload_bytes = len(stdout.encode("utf-8")) return { "success": True, "tool": "x8", "params": params, "command": command, "started_at": started_at.isoformat(), "ended_at": ended_at.isoformat(), "duration_ms": duration_ms, "findings": findings, "stats": { "findings": len(findings), "dupes": 0, "payload_bytes": payload_bytes, }, }