0d1n v2.1 Beta is a tool for automating customized attacks against web applications.

Changelog v2.1 beta:
+ add PHP test file to find XSS
+ change banner information, add another example
+ add function to load tokens from anti-CSRF forms
+ fix bug when getting the CSRF token

0d1n is an open source web application bruteforcer and fuzzer. Its objective is to automate exhaustive tests that search for anomalies; from another point of view, these anomalies can be vulnerabilities. The tests can cover web parameters, files, directories, forms and others.

Rules you need to know about parameters:
- Each parameter is a resource function to help you.
- The character '^' (circumflex) is a lexical marker: it marks the position where each line of the payload text file is substituted.
- You must always use the parameter "--log".
- You must always use the parameter "--host".
- The parameter "--save_response", if used at the end of the command, saves the responses of the requests, so if you click on "status code" in the JavaScript table you can view the response with highlights.

Tamper resource:
- Tamper is a function that camouflages your payload; this way you can try to bypass a web application firewall.
- Each option uses a different technique to try to hide the payload.
- Remember to use a proxy list per request to try to stay stealthy and avoid blacklists.

You can use this command to do custom fuzzing:
 ./0d1n --host http://localhost/ --custom my_request.txt --payloads payloads/xss.txt --find_regex_list payloads/guess.txt --log 133oooo5 --save_response --timeout 5
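Because each payload line is substituted at the '^' position, a run like the one above reaches the server as many requests that are identical except for one value. The following is an added example, not part of 0d1n or the original post, that flags this pattern in a web server access log; it covers query-string parameters only, and the log lines, the threshold and the function name are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (common log format); not real traffic.
# 203.0.113.7 varies only "q"; 198.51.100.20 is ordinary browsing.
SAMPLE_LOG = "\n".join(
    [f'203.0.113.7 - - [10/Oct/2023:13:55:{i:02d} +0000] '
     f'"GET /search.php?q=payload{i:02d}&lang=en HTTP/1.1" 200 512'
     for i in range(1, 7)]
    + ['198.51.100.20 - - [10/Oct/2023:13:56:01 +0000] "GET /search.php?q=shoes&lang=en HTTP/1.1" 200 812',
       '198.51.100.20 - - [10/Oct/2023:13:56:09 +0000] "GET /search.php?q=boots&lang=en HTTP/1.1" 200 790',
       '198.51.100.20 - - [10/Oct/2023:13:56:20 +0000] "GET /product.php?id=4 HTTP/1.1" 200 1033',
       'not a log line']
)

# client, method and request target from a common/combined log format line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*"')

def find_fuzzed_params(log_text, min_distinct=5):
    """Return {(client, method, path, param): n} for every parameter that one
    client sent with at least min_distinct different values while the rest of
    the request (path and all other parameters) stayed exactly the same."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, method, target = m.groups()
        parts = urlsplit(target)
        params = parse_qsl(parts.query, keep_blank_values=True)
        for i, (name, value) in enumerate(params):
            # Group by everything except this one parameter's value.
            rest = tuple(p for j, p in enumerate(params) if j != i)
            seen[(client, method, parts.path, name, rest)].add(value)
    hits = {}
    for (client, method, path, name, _rest), values in seen.items():
        if len(values) >= min_distinct:
            key = (client, method, path, name)
            hits[key] = max(hits.get(key, 0), len(values))
    return hits

if __name__ == "__main__":
    for (client, method, path, name), n in find_fuzzed_params(SAMPLE_LOG).items():
        print(f"{client} {method} {path}: parameter '{name}' sent with {n} distinct values")
```

The threshold needs tuning against normal traffic for the site, and requests spread across a proxy list will not group under one client address, so grouping by path and parameter alone is a useful second pass.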

Follow these steps to download, decompress, compile and execute:
 wget https://github.com/CoolerVoid/0d1n/archive/master.zip;
 unzip master.zip; cd 0d1n-master; make; ./0d1n

Installation using git:

Download : 0d1n_v2.1.zip (4.1 MB)