#ssrf

WebCopilot
WebCopilot

Automation tool designed to enumerate subdomains and detect bugs using different open-source tools.

IPFuscator
IPFuscator

A tool to automatically generate alternative IP representations.

SSRFPwned
SSRFPwned

Checks for SSRF using custom payloads after fetching URLs from sources & applying complex patterns.

autoSSRF
autoSSRF

Smart context-based SSRF vulnerability scanner.

differer
differer

differer finds how URLs are parsed by different languages in order to help bug hunters break filters.

See-SURF
See-SURF

Detect Vulnerable SSRF parameters.

Ground control
Ground control

A collection of scripts mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.

lorsrf
lorsrf

Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load.

sentrySSRF
sentrySSRF

Searching for Sentry config on page or in Javascript files and check blind SSRF.

grafana-ssrf
grafana-ssrf

Authenticated SSRF in Grafana.

SSRF Detector
SSRF Detector

Server-side request forgery detector.

gaussrf
gaussrf

Fetch known URLs from several sources and Filter Urls With OpenRedirection or SSRF Parameters.

Extended SSRF search
Extended SSRF search

Smart SSRF scanner using different methods like parameter brute forcing in POST and GET.

B-XSSRF
B-XSSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF.

SSRF Sheriff
SSRF Sheriff

A simple SSRF-testing sheriff written in Go.

httprebind
httprebind

Automatic tool for DNS rebinding-based SSRF attacks.

SSRFire
SSRFire

An automated SSRF finder. Just give the domain name and your server and chill!

Gopherus
Gopherus

Generates gopher link for exploiting SSRF and gaining RCE in various servers.

SSRFmap
SSRFmap

Automatic SSRF fuzzer and exploitation tool.

SSRFTest
SSRFTest

SSRF testing tool.