Wednesday, December 5, 2012

0d1n - just another web security tool


This simple tool automates customized attacks against web applications. It is written in ANSI C with libcurl.

"This tool has the purpose of explaining how a web vulnerability scanner works, made for demonstration at the OWASP Floripa 2012 lecture"

$ ./0d1n 
       ~.             ~             
         01...___|__..10.              
          1010   101   101             
           0101  :Bug  :Sec   `.oo'   
           :101  |666  |101  ( (`-'   
 .---.    1010  ;110  ;010   `.`.     
/ .-._)  111-"""|"""'-000      `.`.   ( (`._) .-.  .-. |.-.  .-.  .-. ) ) 
  `---( 1 )( 0 )( 1 )( 1 )( 0 )-' /  
 `.    `-'  `-'  `-'  `-'  `-'  .'   
   `---------------------------'     
Odin simple scanner v 0.8
-h host to scan
-p payload list to inject
-f grep list to find on response
-c cookie jar file to load
-P post method params  ex: 'var=!&x=!...'
-o output of result
-u custom UserAgent
-s Load CA certificate to work with SSL
-T Timeout of response
-t Number of threads
example:
./odin --h 'http://site.com/view/1!/product/!/' --p sqli.txt --f response_sqli.txt --o site 
Coded by Cooler_
 c00f3r[at]gmail[dot]com
 BUGSEC TEAM

Github


Download 

Video example


Source -

