OAuth fuzz工具 OAuzz
jopen
12年前
OAuzz 是一个用于fuzz基于OAuth的web应用服务的安全工具。OAuzz基于RFC5849和OAuth Request Body Hash 1.0 Draft 4实现。OAuzz支持三种签名算法(OAuth 1.0),三种算法是明文、HMAC-SHA1、RSA-SHA1。
OAuzz 的命令:
| 命令 | 描述 |
| set VARIABLE VALUE | Set VARIABLE to VALUE. |
| unset [VARIABLE/S] | Unset VARIABLE (or all of them). |
| show [VARIABLE/S] | Show the value of VARIABLE (or all of them). |
| authenticate | OAuth Authentication with the server (default 3-legged). |
| test | Send a request with the correct values of each parameter. |
| fuzz | Run the fuzzer. |
| select | Perform a SQL Select query over the fuzzing results. |
| export | Export the database results to CSV, XML or HTML format. |
| help [COMMAND] | This help or the specified command help. |
| version | Show the version. |
| exit | Terminate the application. |
来自 pulog