Hello,
I need to do a pentest in a deployed Odoo system. Any resources for doing pestesting/ auditing in any version of Odoo?
Thanks in advance.
Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
- 客户关系管理
- e-Commerce
- 会计
- 库存
- PoS
- Project
- MRP
此问题已终结
2
回复
2795
查看
Hello Julian,
You can use odoomap: https://github.com/MohamedKarrab/odoomap, it's a reconnaissance, enumeration, and pentesting tool for Odoo applications.
Features
- Detect Odoo version and metadata
- Enumerate databases and accessible models
- Authenticate and check CRUD permissions
- Extract data from specific models
- Brute-force login credentials & Master password
- Brute-force internal model names
And I can see that more features are getting added actively.
Hello,
You should have a look at this https://github.com/cyberwave-odoo/odooscan/ , feel free to contact us for support.
Kind regards
Jérôme Dewandre
