OutSystems Analyzer is an open-source OSINT tool designed to help developers and security researchers identify security weaknesses in OutSystems applications caused by developer mistakes rather than platform vulnerabilities. By providing only a public URL, the tool automates application footprinting, analyzing network requests/responses for IDOR points, exposed public resources, and improperly stored default values. The author, an OutSystems developer with 10 years of experience, argues that while the OutSystems platform itself is secure, technical debt and human error are the primary sources of data exposure. The tool is aimed at both developers wanting to audit their own apps and red teams conducting penetration tests.

4m read time. From itnext.io