Skip to content
/ Doppel Public

๐Ÿฆ€ A blazing fast, zero-config BOLA/IDOR detector. Features session swapping, mutational fuzzing, and local AI support.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

abendrothj/Doppel

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

13 Commits
.github/workflows
.github/workflows
ย 
ย 
src
src
ย 
ย 
tests
tests
ย 
ย 
.gitignore
.gitignore
ย 
ย 
Cargo.lock
Cargo.lock
ย 
ย 
Cargo.toml
Cargo.toml
ย 
ย 
DEVELOPMENT_PLAN.md
DEVELOPMENT_PLAN.md
ย 
ย 
LICENSE
LICENSE
ย 
ย 
README.md
README.md
ย 
ย 
SECURITY.md
SECURITY.md
ย 
ย 
TESTING.md
TESTING.md
ย 
ย 

Repository files navigation

โš”๏ธ Doppel

The Logic-Aware API Security Scanner. Automatically detects BOLA (Broken Object Level Authorization) vulnerabilities by understanding API semantics, not just fuzzing IDs.

License Status AI Platform

๐Ÿง  How Doppel is Different

Most scanners blindly fuzz every number they see (page=1 โ†’ page=2). Doppel uses a Semantic Risk Engine to identify actual vulnerability candidates:

  1. Semantic Risk Scoring: * Analyzes parameter names and context (path vs body) to assign a BOLA Risk Score (0-100).
    • Example: userId in a GET path is rated Critical Risk, while limit=10 in a query is ignored.
  2. Smart Mutation:
    • Generates context-aware payloads: adjacent IDs (user_123 โ†’ user_124), boundary values (0, admin), and type-specific fuzzing.
  3. Weighted Verdicts:
    • Distinguishes between Reflection (safe) and Leakage (vulnerable).
    • Example: Seeing created_by: "victim" in a public post is safe. Seeing id: "victim" in a private profile object is a vulnerability.

๐Ÿ”’ Privacy-First Architecture

Doppel is designed for sensitive environments.

  • Local-First: Defaults to running entirely offline.
  • Ollama Integration: Optional PII detection runs on your local machine (via localhost:11434). Zero data is sent to the cloud.

๐Ÿš€ Quick Start

Installation

# Via Cargo
cargo install --git https://github.com/abendrothj/doppel

# Or build from source (Recommended for M4/Apple Silicon)
git clone https://github.com/abendrothj/doppel
cd doppel
cargo build --release

Usage

1. Basic Scan (Postman/Bruno/OpenAPI)

doppel \
  --input "./api-specs/openapi.json" \
  --base-url "https://api.target.com" \
  --attacker-token "eyJhbGc..." \
  --victim-id "user_123"

2. With AI PII Detection (Requires Ollama)

# First, ensure Ollama is running
ollama serve

# Run scan
doppel -i specs/ -b https://api.local -a $TOKEN -v 123 --enable-pii-analysis

๐Ÿ› ๏ธ Features

  • Zero-Config Discovery: Parses Bruno (.bru), Postman, and OpenAPI files automatically.
  • Logic-Aware Attacks: Identifies and swaps resource IDs based on semantic weight.
  • Weighted Verdict Engine: Reduces false positives by analyzing JSON field importance.
  • CI/CD Ready: Returns exit code 1 on vulnerabilities; outputs CSV/Markdown.

๐Ÿ“ฆ CI/CD Integration

Doppel is designed to run in GitHub Actions. See .github/workflows/ci.yml for examples.

๐Ÿค Contributing

We welcome contributions! Please see CONTRIBUTING.md for details on the architecture.

License: MIT

About

๐Ÿฆ€ A blazing fast, zero-config BOLA/IDOR detector. Features session swapping, mutational fuzzing, and local AI support.

Topics

rust automation openapi rust-lang postman testing-tools rustlang bruno workflow-automation ollama idor-vulnerability

Resources

Readme

License

MIT license

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

v1.0.0 Latest
Jan 3, 2026

Languages