Home

OpenDoor is an open-source CLI Web Recon & Directory Discovery Platform for authorized security work.
It supports context-aware directory discovery, subdomain enumeration, fingerprint-first scanning, WAF detection, response sniffers, response filtering, structured reports, resumable sessions, proxy and VPN transport workflows, and CI/CD-friendly exposure validation.
Use OpenDoor only on systems you own or have explicit permission to test.
- GitHub repository
- Documentation
- Mastering OpenDoor companion page
- Mastering OpenDoor Part 1 on Medium

The screenshots below come from the Mastering OpenDoor Part 1 local lab workflow. The lab uses 127.0.0.1:8080 and is intended for safe, reproducible, authorized testing.

Figure 1. Starting the deterministic OpenDoor Mastering lab on 127.0.0.1:8080.

Figure 2. Verifying local demo endpoints before scanning: /admin, /.git/HEAD, /.env, and /uploads/.

Figure 3. OpenDoor fingerprints the target before dictionary discovery starts.

Figure 4. Baseline scan results grouped into OpenDoor buckets such as success, forbidden, auth, redirect, and failed.

Figure 5. Body-aware response sniffers classify evidence such as directory listings, exposed files, and stack traces.

Figure 6. HTML report output for human review and evidence preservation.

- Quickstart
- Installation and update
- Practical examples
- Sniffers reference
- Fingerprinting guide
- WAF detection guide
- Reports
- Network transports
OpenDoor is released under the GNU General Public License v3.0 only.