Skip to content

Mr0Wido/otoattack

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
tools
tools
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
install.sh
install.sh
 
 
otoattack.py
otoattack.py
 
 
requirements.txt
requirements.txt
 
 
setup.py
setup.py
 
 

Repository files navigation

otoattack

Otoattack - Vulnerability Scanner
— Via, Mr0Wido

GitHub last commit Website

example

About

Otoattack is a Python-based tool for Vulnerability Scan.

Otoattack provides a variety of vuln scans, including these;

  • XSS
  • SQLi
  • SSRF
  • Open Redirect
  • LFI
  • CSRF
  • CRLF
  • SSTI
  • Header Injection
  • Cors
  • Web Cache Vulnerability
  • HTTP Request Smuggling
  • Subdomain Takeover
  • Nuclei Scan

Installation

If you are using a virtual environment, run these commands:

$ python3 -m venv venv
$ source venv/bin/activate  
$ git clone https://github.com/Mr0Wido/otoattack.git
$ cd otoattack
$ pip install .

Run these commands for installing tools:

$ sudo chmod +x install.sh
$ ./install.sh

Options

There are three options and they are required.

Flags Description
-ul --list Path to the list of targets
-dl --domain_list Path to the list of domains for subdomain takeover
-d --domain Domain to subdomain takeover
-scan Arg for the starting scan
-config Create the config file

Usage

Provide Servers for XSS and SSTI. It's required.

These servers can be Burp Collaborator or you can use these free resources;

$ python3 otoattack -config

Scan

$ python3 otoattack.py -ul url.txt -dl domain.txt -scan

Otoattack Workflow

Otoattack_workflow

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages