ATTENTION: This tool is outdated and discontinued, I made a new WEB version, with more details and better analysis and report generation at the end of the scan, with the WEB version, it is no longer necessary to update this PYTHON repository.
OutSystems Scan or os-scan is a tool developed in Python that encompasses a set of modules that allow you to perform analyzes or explorations in applications developed in OutSystems in the Reactive and Mobile frameworks.
Important: Only run this tool in environments where you are authorized, we are not responsible for the misuse of this tool and the responsibility for its use lies entirely with the professional running it.
Objective: The main focus of this tool is to enable security professionals and those passionate about OutSystems to carry out some basic tests of possible vulnerabilities in their OutSystems applications, so that they can issue a report and correct their applications, delivering a safer and more mature product to the customer Final.
This tool is developed in my spare time, so updates may take time to be released.
OutSystems has a specific channel on its website for you to make direct contact or send a security report.
Or download the zip file on your Linux/Windows or Mac that has the Python 3.10 or higher library installed. 1. Open the terminal in the "os-scan" directory.
2. Type "python3 osscan.py -u http://personal.outsystemscloud.com/App".
3. Press enter. Python 3.10 or higher If you would like to contribute to this tool you can find me at: LinkedIn or Personal Site I can help you find technical debts and potential points of vulnerability in your OutSystems application.