Welcome to the Linux Foundation Forum!

New tool to fuzz web inputs "0d1n"

Hi all, i am here to share my new open source tool to make custom testes in web applications...

0d1n is a tool for automating customized attacks against web applications.

Tool functions:

*Brute force login and passwords in auth forms

*Directory disclosure ( use PATH list to brute, and find HTTP status code )

*Test to find SQL Injection and XSS vulnerabilities

*Test to find SSRF

*Test to find COmmand injection

*Options to load ANTI-CSRF token each request

*Options to use random proxy per request

*other functions...

to run and install follow this steps:
require libcurl-dev or libcurl-devel(on rpm linux based)

$ git clone https://github.com/CoolerVoid/0d1n/

You need libcurl to run, look the following to install::

$ sudo apt-get install libcurl-dev

if rpm distro

$ sudo yum install libcurl-devel

To install follow this cmd:

$ cd 0d1n

**$ make; sudo make install USER=name_your_user; **

**$ cd 0d1n_view; make; sudo make install USER=name_your_user; **

Up the view server to look the reports online:

**$ sudo 0d1n_view **

Now in other console you can run the tool:

$ 0d1n

to uninstall follow this steps:

$ cd 0d1n; sudo make uninstall

$ cd 0d1n_view; sudo make uninstall

Thank you
cheers

Categories

Upcoming Training