资 源 简 介
What is The Manipulator?
The Manipulator is a command line scanner that can be used to identify parameter manipulation vulnerabilities, also known as Insecure Direct Object References or Authorization Bypass Through User-Controlled Key. The Manipulator parses Burp logs searching for numeric parameters which it analyses for parameter manipulation flaws by submitting a range of similar but different numeric values and looking for differences in the responses. It can also parse a second burp log (i.e. from a different user) to identify potentially user-specific parameter values.
The Manipulator is beta; don"t use
