Web Application Security

0d1n v2.5 – Web Security Tool to Make Fuzzing at HTTP/S

Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. 0d1n is a tool for automating customized attacks against web applications.

You can do:

  • Brute force passwords in auth forms
  • Directory disclosure ( use PATH list to brute, and find HTTP status code )
  • Test list on input to find SQL Injection and XSS vulnerabilities
  • Options to load ANTI-CSRF token each request
  • Options to use random proxy per request
  • Other functions…

 

To run:

require libcurl-dev or libcurl-devel(on rpm linux based)

$ git clone https://github.com/CoolerVoid/0d1n/

need libcurl to run

$ sudo apt-get install libcurl-dev

if rpm distro

$ sudo yum install libcurl-devel
$ make
$./0d1n