The IDOR IN works by systematically scanning a target web application and examining various endpoints, parameters, and data access points to identify potential IDOR vulnerabilities. It leverages techniques such as parameter fuzzing, payload injection, and response analysis to detect signs of insecure direct object references.
☆23Jun 25, 2023Updated 2 years ago
Alternatives and similar repositories for IDOR-IN
Users that are interested in IDOR-IN are comparing it to the libraries listed below
Sorting:
- An interactive bash script for detecting IDOR vulnerabilities. Automates the discovery of access control issues in web applications, enha…☆15Apr 10, 2025Updated 10 months ago
- Describe how to use ffuf different options with examples☆13Jun 13, 2022Updated 3 years ago
- Methodoloy for pentesting web applications.☆10Aug 18, 2022Updated 3 years ago
- Collected resources for OSWA preparation.☆26Jan 25, 2023Updated 3 years ago
- ☆19Aug 26, 2020Updated 5 years ago
- Automatic Mass Tool for check and exploiting vulnerability in CVE-2023-3076 - MStore API < 3.9.9 - Unauthenticated Privilege Escalation (…☆16Sep 20, 2023Updated 2 years ago
- a ZAPROXY Addon ActiveScan for detecting SQL injection with more better way.☆18Jan 22, 2025Updated last year
- AI-based Web Application Penetration Testing Tool☆24Jan 19, 2024Updated 2 years ago
- Laravel PHP framework black-box vulnerability scanner☆37Sep 3, 2024Updated last year
- This tool is a simple LFI, RFI, RCE, and Joomla Components vulnerability scanner, created by JayCyberSecurity☆22Apr 26, 2022Updated 3 years ago
- Bybit API client library for Go (ByBit API connector)☆10Dec 19, 2025Updated 2 months ago
- A list of ChatGPT Prompts for Web Application Security, Bug Bounty, and Pentesting☆37May 18, 2023Updated 2 years ago
- Final assignment for the course Data Visualization with Python, part of IBM Data Science Professional Certification on Coursera☆11Jun 22, 2020Updated 5 years ago
- Detect SSRF within Caido☆48Feb 20, 2026Updated 2 weeks ago
- Command Execution exploiter with an auto connection handling☆32Jun 15, 2022Updated 3 years ago
- A Complete SSRF (Server Side Request Forgery) Scanner.☆41Dec 1, 2025Updated 3 months ago
- Notes and cheatsheets for the OffSec Wireless Professional (OSWP) certification☆44Oct 29, 2023Updated 2 years ago
- It is a ML based project developed in python language. It detect and recognize the face and mark attendance of that person. It's good poi…☆10Aug 13, 2023Updated 2 years ago
- Jenkins WebInspect Plugin Publisher provides the ability to upload a WebInspect scan file, from your Jenkins server to your Fortify Softw…☆11Dec 23, 2025Updated 2 months ago
- Configurations for a vertical 72" PiWall system☆13Jan 21, 2017Updated 9 years ago
- Hack The Box OSCP-like VMs writeups☆11Oct 11, 2020Updated 5 years ago
- ☆14May 14, 2022Updated 3 years ago
- Metasploit framework via HTTP services☆10Jul 31, 2021Updated 4 years ago
- Final year project in Magshimim, focusing on Python development and Web Exploitation.☆10Apr 29, 2023Updated 2 years ago
- A proof of concept for Joomla's CVE-2015-8562 vulnerability (Object Injection RCE)☆10May 3, 2024Updated last year
- Pwndoc local file inclusion to remote code execution of Node.js code on the server☆47Jan 31, 2025Updated last year
- Query builder for mongo_dart and objectory☆11Jan 26, 2026Updated last month
- API for National Voter File.☆15Jul 29, 2017Updated 8 years ago
- LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …☆12Jul 19, 2020Updated 5 years ago
- ARL使用代理池联动nuclei,xray通过企业微信机器人告警☆10Oct 28, 2022Updated 3 years ago
- This repository is a collection of notes, links, tutorials, and experiences aimed at helping others. If you find it useful, please consid…☆19Jun 24, 2025Updated 8 months ago
- A small go harness that uses Ollama to orchestrate LLMs in a restricted process flow☆16Sep 10, 2024Updated last year
- my nuclei templates #new☆11Jun 24, 2024Updated last year
- script to brute force ssh or ftp passwords☆12Jul 22, 2016Updated 9 years ago
- this repo contains all nuclei templates for particular vulnerability that i used mosty while hunting..☆10Aug 15, 2024Updated last year
- 🕷️ n8n Community Node for Scrappey API – Automate web scraping and data extraction with advanced anti-bot blocking technology, seamlessl…☆16Feb 2, 2026Updated last month
- Speeding up identifying which binaries with a SUID flag may lead to root access☆15Aug 26, 2024Updated last year
- Goby-Poc-Collection for Goby scanner https://github.com/gobysec/Goby - forked from many github accounts Thanks the authors☆12Dec 10, 2023Updated 2 years ago
- Get newest public disclosed HackerOne report notifications on your Desktop☆14Jan 29, 2020Updated 6 years ago