Parameter and web fuzzing tools

Here's the list of tools for parameter discovery:

1. [Parameth](https://github.com/maK-/parameth) - This tool can be used to brute discover GET and POST parameters.
2. [Param-miner](https://github.com/PortSwigger/param-miner) - This extension identifies hidden, unlinked parameters and is particularly useful for finding web cache poisoning vulnerabilities.
3. [ParamPamPam](https://github.com/Bo0oM/ParamPamPam) - ParamPamPam is a tool for brute discovering GET and POST parameters.
4. [Arjun](https://github.com/s0md3v/Arjun) - Arjun is an HTTP parameter discovery suite.
5. [ParamSpider](https://github.com/devanshbatham/ParamSpider) - ParamSpider is a tool for mining parameters from the dark corners of Web Archives.
6. [x8](https://github.com/Sh1Yo/x8) - x8 is a hidden parameters discovery suite written in Rust.

Here's the list of web fuzzing tools:

1. [Fuzzingwfuzz](https://github.com/xmendez/wfuzz) - Web application fuzzer
2. [ffuf](https://github.com/ffuf/ffuf) - Fast web fuzzer written in Go
3. [fuzzdb](https://github.com/fuzzdb-project/fuzzdb) - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
4. [IntruderPayloads](https://github.com/1N3/IntruderPayloads) - Collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads, and web pentesting methodologies and checklists.
5. [fuzz.txt](https://github.com/Bo0oM/fuzz.txt) - Potentially dangerous files fuzz list.
6. [fuzzilli](https://github.com/googleprojectzero/fuzzilli) - JavaScript Engine Fuzzer.
7. [fuzzapi](https://github.com/Fuzzapi/fuzzapi) - Tool for REST API pentesting using the API_Fuzzer gem.
8. [qsfuzz](https://github.com/ameenmaali/qsfuzz) - Query String Fuzzer for building custom rules and identifying vulnerabilities.
9. [vaf](https://github.com/d4rckh/vaf) - Very advanced (web) fuzzer written in Nim.
rr