{"id":22128841,"url":"https://github.com/ayemunhossain/idord","last_synced_at":"2025-07-25T18:31:55.547Z","repository":{"id":43258012,"uuid":"468059675","full_name":"AyemunHossain/IDORD","owner":"AyemunHossain","description":"āœ… Experience the power of an automated Insecure Direct Object Reference (IDOR) vulnerability detection tool. Safeguard your applications with cutting-edge technology that identifies potential security weaknesses in an efficient and streamlined manner.","archived":false,"fork":false,"pushed_at":"2023-11-20T13:19:42.000Z","size":195,"stargazers_count":32,"open_issues_count":2,"forks_count":10,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-05-28T15:06:55.337Z","etag":null,"topics":["automated-testing","ayemunhossain","cybersecurity","idor","idor-attack","idor-vulnerability","insecure-direct-object-references","python","python-script","python3","security-tools","securityscan"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AyemunHossain.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2022-03-09T19:08:00.000Z","updated_at":"2024-05-23T08:49:01.000Z","dependencies_parsed_at":"2023-11-20T14:43:04.418Z","dependency_job_id":null,"html_url":"https://github.com/AyemunHossain/IDORD","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AyemunHossain%2FIDORD","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AyemunHossain%2FIDORD/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AyemunHossain%2FIDORD/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AyemunHossain%2FIDORD/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AyemunHossain","download_url":"https://codeload.github.com/AyemunHossain/IDORD/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":227606495,"owners_count":17792795,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automated-testing","ayemunhossain","cybersecurity","idor","idor-attack","idor-vulnerability","insecure-direct-object-references","python","python-script","python3","security-tools","securityscan"],"created_at":"2024-12-01T17:48:25.656Z","updated_at":"2025-07-25T18:31:55.138Z","avatar_url":"https://github.com/AyemunHossain.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# šŸ›”ļø IDOR Detector - Automated IDOR Vulnerability Scanner šŸ” \r\n\r\nWelcome to **IDOR Detector**, an **automated security tool** designed to detect **Insecure Direct Object Reference (IDOR) vulnerabilities** in web applications and APIs. This tool helps **security researchers, penetration testers, and developers** identify **unauthorized access risks** and **prevent data leaks**. \r\n\r\n---\r\n\r\n## šŸ“Œ About This Tool \r\n**IDOR Detector** automates the process of **testing object identifiers** in API requests, checking if they can be **manipulated** to access **restricted** or **sensitive** data. \r\n\r\nšŸ’” **What is IDOR?** \r\nIDOR occurs when an application **does not properly enforce authorization**, allowing attackers to modify object IDs (e.g., user IDs, file numbers) and gain access to **other users' data**. \r\n\r\n---\r\n\r\n## šŸš€ Features \r\n- āœ… **Automated IDOR Scanning** ā€“ Detects unauthorized access risks in APIs and web applications. \r\n- āœ… **Customizable Payloads** ā€“ Supports numeric, alphanumeric, and UUID-based identifiers. \r\n- āœ… **Authenticated Testing** ā€“ Allows adding custom **headers and cookies** for testing secured endpoints. \r\n- āœ… **Smart Fuzzing** ā€“ Generates and tests various **object ID variations** dynamically. \r\n- āœ… **Logging \u0026 Reporting** ā€“ Saves detailed **scan results** for security auditing. \r\n\r\n---\r\n\r\n## āœ… Who This Tool is For?\r\nšŸ” Ethical Hackers \u0026 Penetration Testers ā€“ Identify IDOR vulnerabilities in applications.\r\nšŸ‘Øā€šŸ’» Developers \u0026 Security Engineers ā€“ Prevent unauthorized data access.\r\nšŸŽÆ Bug Bounty Hunters ā€“ Automate IDOR testing to find security flaws faster.\r\n\r\n---\r\n\r\n## Installation\r\n\r\nIDORD requires Python3 and pip to run.\r\n\r\nInstall the dependencies and start the tool.\r\n\r\n```sh\r\npip install -r requirements.txt\r\n\r\n#Active the virtual env [varies in linux and windows]\r\n\r\nRUN: cd Wrapper \r\nRUN: python3 IDORD.py\r\n#bang bang\r\n```\r\n\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fayemunhossain%2Fidord","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fayemunhossain%2Fidord","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fayemunhossain%2Fidord/lists"}