Oralyzer – Open Redirect Vulnerability Detection Tool

Oralyzer - Automated Open Redirect Vulnerability Detection Tool

Open redirect vulnerabilities pose a significant threat to web applications, allowing attackers to redirect users to malicious websites or trick them into disclosing sensitive information. To combat this issue, security researchers and developers often rely on specialized tools that automate the detection of open redirect vulnerabilities. One such tool gaining recognition in the bug bounty community is Oralyzer.

Understanding Open Redirect Vulnerabilities

Open redirect vulnerabilities occur when a web application allows external input to control the destination of a redirection, without proper validation. Attackers exploit this weakness by manipulating URLs to redirect users to malicious websites under their control. Commonly found in login pages, password reset mechanisms, and other user-facing features, open redirects can facilitate phishing attacks or lead to the compromise of user accounts.

Introducing Open Redirect Tool

Oralyzer is an open-source tool designed to simplify the process of detecting open redirect vulnerabilities. Oralyzer automates the identification and validation of open redirect vulnerabilities, helping security researchers and developers efficiently identify and mitigate these risks.

Oralyzer can identify following types of Open Redirect Vulnerabilities:

  • Header Based
  • Javascript Based
  • Meta Tag Based

Also, Oralyzer has its own module to fetch URLs from web.archive.org just like waybackurls, it then separates the URLs that have specific parameters in them, parameters that are more likely to be vulnerable.

Key Features and Functionality

  1. URL Fuzzing: Oralyzer employs a technique called URL fuzzing to systematically test a web application for open redirect vulnerabilities. By manipulating the parameters and paths in URLs, the tool generates a variety of requests to detect potential vulnerabilities.
  2. URL Whitelisting: To avoid false positives and ensure accurate results, Oralyzer supports URL whitelisting. This feature allows researchers to specify trusted redirection URLs, ensuring they are not flagged as vulnerabilities during the scanning process.
  3. HTTP Response Analysis: Oralyzer analyzes the responses received from the target application to identify potential open redirect vulnerabilities. It examines response codes, headers, and the content of the returned pages to determine if a redirection is present and whether it is susceptible to exploitation.
  4. Custom Payloads: The tool provides the ability to define custom payloads, allowing researchers to tailor the scanning process according to the specific requirements of the target application. This flexibility ensures comprehensive coverage and enhances the detection of open redirect vulnerabilities.
  5. Fecth URL from web archive: Oralyzer also can crawl and collect urls from web archive.

Extra Features

  •  Improved DOM XSS detection mechanism
  •  Test multiple parameters in one run
  •  CRLF Injection Detection

Installation

$ git clone https://github.com/r0075h3ll/Oralyzer.git $ pip3 install -r requirements.txt

How to Use Oralyzer

Single target

python3 oralyzer.py -u http://example.com/redir.php?url=attacker.com

Multiple targets

python3 oralyzer.py -l urls.txt

Scan for CRLF injection

python3 oralyzer.py -u http://example.com/redir.php?url=attacker.com -crlf

Use custom payload list

python3 oralyzer.py -u http://example.com/redir.php?url= -p payloads.txt

Use proxy

python3 oralyzer.py -l urls.txt –proxy

Fecth URLs from web.archive.org

python3 oralyzer.py -u http://example.com –wayback



You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *

twenty − twelve =

Exit mobile version