https://github.com/ayemunhossain/idord
✅ Experience the power of an automated Insecure Direct Object Reference (IDOR) vulnerability detection tool. Safeguard your applications with cutting-edge technology that identifies potential security weaknesses in an efficient and streamlined manner.
automated-testing ayemunhossain cybersecurity idor idor-attack idor-vulnerability insecure-direct-object-references python python-script python3 security-tools securityscan
Last synced: 11 months ago
- Host: GitHub
- URL: https://github.com/ayemunhossain/idord
- Owner: AyemunHossain
- Created: 2022-03-09T19:08:00.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-11-20T13:19:42.000Z (over 2 years ago)
- Last Synced: 2024-05-28T15:06:55.337Z (about 2 years ago)
- Topics: automated-testing, ayemunhossain, cybersecurity, idor, idor-attack, idor-vulnerability, insecure-direct-object-references, python, python-script, python3, security-tools, securityscan
- Language: Python
- Homepage:
- Size: 190 KB
- Stars: 32
- Watchers: 2
- Forks: 10
- Open Issues: 2
Metadata Files:
- Readme: README.md
README
# 🛡️ IDOR Detector - Automated IDOR Vulnerability Scanner 🔍
Welcome to **IDOR Detector**, an **automated security tool** designed to detect **Insecure Direct Object Reference (IDOR) vulnerabilities** in web applications and APIs. This tool helps **security researchers, penetration testers, and developers** identify **unauthorized access risks** and **prevent data leaks**.
---
## 📌 About This Tool
**IDOR Detector** automates the process of **testing object identifiers** in API requests, checking if they can be **manipulated** to access **restricted** or **sensitive** data.
💡 **What is IDOR?**
IDOR occurs when an application **does not properly enforce authorization**, allowing attackers to modify object IDs (e.g., user IDs, file numbers) and gain access to **other users' data**.
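The authorization gap described above, as an added example (not code from the IDORD repository): a handler that trusts the object ID beside one that checks ownership, plus a regression check a developer can run against their own handlers. The invoice data, the function names and the `NotFound` exception are constructed for illustration.

```python
# Constructed sample data: invoice id -> record with an owner.
INVOICES = {
    1001: {"owner": "alice", "total": 120},
    1002: {"owner": "bob", "total": 75},
    1003: {"owner": "alice", "total": 310},
}


class NotFound(Exception):
    """Raised for missing records and for records the caller may not see."""


def get_invoice_vulnerable(session_user, invoice_id):
    # IDOR: the client-supplied id is trusted; session_user is never consulted.
    record = INVOICES.get(invoice_id)
    if record is None:
        raise NotFound(invoice_id)
    return record


def get_invoice_checked(session_user, invoice_id):
    # Object-level authorization: the record must belong to the authenticated user.
    record = INVOICES.get(invoice_id)
    if record is None or record["owner"] != session_user:
        # Same error for "missing" and "not yours", so ids cannot be enumerated.
        raise NotFound(invoice_id)
    return record


def cross_user_reads(handler, users=("alice", "bob")):
    """Regression check: list each (user, id) pair where a user reads another user's record."""
    leaks = []
    for user in users:
        for invoice_id, record in INVOICES.items():
            if record["owner"] == user:
                continue  # reading your own record is expected to succeed
            try:
                handler(user, invoice_id)
            except NotFound:
                continue  # access correctly denied
            leaks.append((user, invoice_id))
    return leaks


if __name__ == "__main__":
    print("vulnerable:", cross_user_reads(get_invoice_vulnerable))
    print("checked:   ", cross_user_reads(get_invoice_checked))
```
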
---
## 🚀 Features
- ✅ **Automated IDOR Scanning** – Detects unauthorized access risks in APIs and web applications.
- ✅ **Customizable Payloads** – Supports numeric, alphanumeric, and UUID-based identifiers.
- ✅ **Authenticated Testing** – Allows adding custom **headers and cookies** for testing secured endpoints.
- ✅ **Smart Fuzzing** – Generates and tests various **object ID variations** dynamically.
- ✅ **Logging & Reporting** – Saves detailed **scan results** for security auditing.
---
## ✅ Who Is This Tool For?
- 🔐 **Ethical Hackers & Penetration Testers** – Identify IDOR vulnerabilities in applications.
- 👨‍💻 **Developers & Security Engineers** – Prevent unauthorized data access.
- 🎯 **Bug Bounty Hunters** – Automate IDOR testing to find security flaws faster.
---
## Installation
IDORD requires Python 3 and pip to run.
Install the dependencies and start the tool.
```sh
pip install -r requirements.txt
# Activate the virtual env (the command varies between Linux and Windows)
cd Wrapper
python3 IDORD.py
# bang bang
```