GManOfficial / IDOR-IN
The IDOR IN works by systematically scanning a target web application and examining various endpoints, parameters, and data access points to identify potential IDOR vulnerabilities. It leverages techniques such as parameter fuzzing, payload injection, and response analysis to detect signs of insecure direct object references.
☆10Updated last year
Related projects ⓘ
Alternatives and complementary repositories for IDOR-IN
- Enumeration & fingerprint tool☆23Updated 8 months ago
- ☆13Updated last year
- NetFuzzer is a comprehensive network security assessment tool for internal and external networks, including Firewalls, Routers, Switches,…☆13Updated 3 months ago
- A bash script that automates the process of port scanning and service discovery on specified target hosts. The aim of the scripts is redu…☆12Updated last month
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7Updated 2 years ago
- Impacket is a collection of Python classes for working with network protocols.☆10Updated last year
- This repo is just a guide where you can find all labs of burp suite resolved, you can see the workflow and all type of web attacks☆12Updated 2 years ago
- ResetRyder - Open Source Brute Force Password Reset Tool☆15Updated last month
- A python script to check if URLs are allowed or disallowed by a robots.txt file.☆21Updated 2 years ago
- Several scripts are based on the Netlas.io search engine. They will allow you to carry out the reconnaissance phase before the pen test i…☆33Updated last month
- Various scripts & tools☆11Updated 6 months ago
- The Catherine Framework is a general-purpose cybersecurity framework built to provide extended support for defense operations.☆16Updated 6 months ago
- A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticat…☆11Updated 6 months ago
- XSSMaze is a web service designed to test and improve the performance of security testing tools by providing various cases of XSS vulnera…☆24Updated 6 months ago
- Python script implementing the favicon hash trick to find subdomains.☆26Updated last year
- Search for sensitive data in Postman public library. Original work from https://github.com/cosad3s/postleaks☆27Updated last year
- Remove Offensive and Profane Words from Wordlists☆14Updated last year
- Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs☆11Updated last year
- JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications☆12Updated 6 months ago
- Burp extension used to snip any header from all the requests.☆22Updated last year
- Advanced test for proxy & waf☆12Updated last month
- CLI tool that extracts a regex pattern from a list of urls ( Rust )☆59Updated 2 years ago
- Highly configurable script for dictionary/spray attacks against online web applications.☆54Updated 2 years ago
- Powerful advanced web platform for C2 managing and automated penetration testing.☆14Updated last year
- Monitor your target continuously for new subdomains!☆26Updated last year
- Automate Blind SQL Injection with Python.☆20Updated 2 years ago
- Find host header injections and perform Host Header attacks with other kind of bugs like web cache poisoning☆47Updated last year
- Repository of useful payloads and tips for pentesting/bug bounty.☆25Updated this week
- Fuzz for hidden proxies, vhosts, and URLs☆16Updated 3 years ago
- A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Writte…☆27Updated 2 years ago
- ☆14Updated last year