IDOR-Scan

Security Tool

Description

Automated IDOR & Access Control Testing for REST APIs. Replays API requests with manipulated authentication contexts to identify Insecure Direct Object Reference and Broken Object-Level Authorization vulnerabilities.

Key Features

  • Import Postman collections & OpenAPI specs
  • Replay requests with swapped user contexts
  • Role matrix testing for admin/user/guest
  • CI/CD integration ready
  • JSON/HTML professional reports
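
The check behind "replay requests with swapped user contexts" and "role matrix testing", shown as an added Python example that is not IDOR-Scan's own code. The in-memory API, tokens, invoice data and function names are all constructed for illustration, and the toy handler deliberately omits the ownership check on DELETE so the scan has something to find.

```python
# Added illustration, not IDOR-Scan code: every name and value below is constructed.
from itertools import product

# Constructed in-memory "API": two invoices, each owned by one user.
INVOICES = {101: {"owner": "alice", "total": 40}, 102: {"owner": "bob", "total": 75}}
TOKENS = {"tok-admin": ("admin", "root"), "tok-alice": ("user", "alice"),
          "tok-bob": ("user", "bob"), None: ("guest", None)}

def handle(method, path, token):
    """Toy REST handler. GET checks ownership; DELETE deliberately does not."""
    role, user = TOKENS.get(token, ("guest", None))
    inv = INVOICES.get(int(path.rsplit("/", 1)[1]))
    if inv is None:
        return 404
    if role == "guest":
        return 401
    if method == "GET" and role != "admin" and inv["owner"] != user:
        return 403
    return 200  # DELETE reaches here for any authenticated caller (the flaw)

def expected(token, owner):
    """Role matrix: admin and the object's owner are allowed, all others denied."""
    role, user = TOKENS[token]
    return role == "admin" or (role == "user" and user == owner)

def scan(requests):
    """Replay each request under every auth context; report allow/deny mismatches."""
    findings = []
    for (method, path), token in product(requests, TOKENS):
        owner = INVOICES[int(path.rsplit("/", 1)[1])]["owner"]
        status = handle(method, path, token)
        allowed = 200 <= status < 300
        who = TOKENS[token][1]
        if allowed and not expected(token, owner):
            findings.append((method, path, who, status, "BOLA: access not denied"))
        elif not allowed and expected(token, owner):
            findings.append((method, path, who, status, "over-restrictive"))
    return findings

if __name__ == "__main__":
    for finding in scan([("GET", "/invoices/101"), ("DELETE", "/invoices/101")]):
        print(finding)
```

Comparing each response against an explicit allow/deny matrix, rather than only against the owner's baseline response, also surfaces endpoints that wrongly deny a legitimate role.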