Project description

idox - Indirect Data Exploiter

A CLI or embedded tool for easily downloading IDOR'd files from a burp request.

Imagine you have a website that looks like the following:

https://domain.com/images/5/download
https://domain.com/images/6/download

Then you could use the following burp request:

request.txt

GET /images/$INJECT$/download HTTP/1.1
Host: domain.com

To IDOR all images with the id's from 0 to 100 like so

python -m idox --request-file-path request.txt 100

This would create an output directory which stores all the responses from your target site by response content type.

For further usage, see python -m idox --help or the data directory.

Want realtime help? Join the discord here.

This project is licensed under the MIT license

Want a feature added quickly? Want me to help build your software using Alaric?

Sponsor me here

These details have not been verified by PyPI

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

This version

0.1.1

Mar 30, 2024

0.1.0

Mar 30, 2024

0.0.1

Feb 5, 2024

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Uploaded Mar 30, 2024 Source

Uploaded Mar 30, 2024 Python 3

Hashes for idox-0.1.1-py3-none-any.whl
Algorithm	Hash digest
SHA256	`66bc145262af94044c427225b83c598c407fb24f7ca4550e93545867412cb325`
MD5	`cfa2df588488b79b2b9f67f2110a8ab2`
BLAKE2b-256	`4f28140c00c15cdcc35ff202dee39ab749d0d0699f21a8bfdf0ccc14b6237fdd`