Hey Folks, in this tutorial we are going to talk about an interesting tool called “Oralyzer” which will help us to identifying the open redirections vulnerability in the websites. It will automatically find the vulnerability by adding the vulnerable parameter.

Lets take a Look 🙂 !!

Installation

First we need to configured this tool and for this mission we will download from the github page by using the git tool.

After downloading, a directory will be created in the name of this tool in which we will have to go.

We will give some chmod permission of the this tool.

It’s all done ! now we are ready to start this tool by using the python tool.

Example

Take an example and try to find out the tool are work fine or not. For this mission we will use XVWA and bWAAP vulnerable web application.
Usage 🙂 python3 oralyzer.py -u < URL >

As you see it has identified the vulnerability of open redirection and has given us several types of payloads, with the help of which we can exploit the vulnerability.

Lets take another example and in this attempt we will give the vulnerable parameter of bWAAP application. Keep in mind you need to change the URL in your case.
Usage 🙂 python3 oralyzer.py -u < URL >

Finally it has again stood up to the challenge and successfully identified the vulnerability. Also it has more features that we can use to enhance our results.

About the Author
Shubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.

Leave a Reply

Your email address will not be published. Required fields are marked *