Hello,
I need to do a pentest in a deployed Odoo system. Any resources for doing pestesting/ auditing in any version of Odoo?
Thanks in advance.
Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
- CRM
- e-Commerce
- Boekhouding
- Voorraad
- PoS
- Project
- MRP
Deze vraag is gerapporteerd
2
Antwoorden
2785
Weergaven
Hello Julian,
You can use odoomap: https://github.com/MohamedKarrab/odoomap, it's a reconnaissance, enumeration, and pentesting tool for Odoo applications.
Features
- Detect Odoo version and metadata
- Enumerate databases and accessible models
- Authenticate and check CRUD permissions
- Extract data from specific models
- Brute-force login credentials & Master password
- Brute-force internal model names
And I can see that more features are getting added actively.
Hello,
You should have a look at this https://github.com/cyberwave-odoo/odooscan/ , feel free to contact us for support.
Kind regards
Jérôme Dewandre
Geniet je van het gesprek? Blijf niet alleen lezen, doe ook mee!
Maak vandaag nog een account aan om te profiteren van exclusieve functies en deel uit te maken van onze geweldige community!
Aanmelden