Oyedata
Oyedata is a new tool to perform black-box OData security testing and help secure OData deployments. Gursev Singh Kalra wrote Oyedata from a penetration testing perspective and its the major features are summarized below:
Intuitive GUI based tool written in C#.
Ability to create attack templates from local and remote Service Documents and Service Metadata Documents.
Support for XML and JSON data formats.
Ability to export attack templates in JSON and XML formats that can be fed to custom Fuzzing code.
Ability to engage the OData services for manual testing.
Data generator for EDMSimpleType test data generation.
Ability to generate “Read URIs” for Entities, Entity Properties and Entity Property Values.
Ability to generate attack templates for Creation of new Entries, updating existing Entries, Service Operation invocation, Entry deletion etc…
Ability to identify Keys, Nullable and Non-Nullable Properties and indicate the same in the attack templates.
Web proxy, HTTP and HTTPS support and Error logging.
The files are:
Oyedata User Guide Oyedata for OData Assessments.pdf - Oyedata user guide.
setup.exe and OyedataSetup.msi - Oyedata setup files.
System Requirements:
Microsoft .Net 4.0