0d1n – Tool For Bruteforcing Web Applications

Comments Off on 0d1n – Tool For Bruteforcing Web Applications

0d1n is a tool for automating customized attacks against web applications.

It is an Open Source web application bruteforcer and Fuzzer, its objective is to automate exhaustive tests to find anomalies/vulnerabilities. These tests can follow web parameters, files, directories, forms and others.

Features:

  • Brute force login and passwords in auth forms
  • Directory disclosure ( use PATH list to brute, and find HTTP status code )
  • Test to find SQL Injection and XSS vulnerabilities
  • Options to load ANTI-CSRF token each request
  • Options to use random proxy per request
  • and More…

Rules you need know about parameters:

  • Each parameter is a resource function to help you
  • When you view character ’ ˆ ’(circumflex) this is lexical character  this represents the payload to replace each line in text file
  • The parameter “–log” you need use always
  • The parameter “–host” you need use always
  • The parameter “–save response” if you use on end command, save Responses of requests, so if you click in “status code” at javascript table you can view response with highlights.
Tamper resource:
  • Tamper is a function to use camouflage in your payload, this way you can bypass web application firewall
  • Each option use a different technique to hide the payload
  • You need to remember to using proxy list per Request to try to walk in stealth to work without blacklists.

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Live Chat
RESOURCES
Get Started
TOOLBOX
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress