A vast collection of security tools for bug bounty, pentest and red teaming

#ssrf

SSRF Sheriff on offsec.tools
Featured
SSRF Sheriff

A simple SSRF-testing sheriff written in Go.

SSRFPwned on offsec.tools
SSRFPwned

Checks for SSRF using custom payloads after fetching URLs from sources & applying complex patterns.

autoSSRF on offsec.tools
autoSSRF

Smart context-based SSRF vulnerability scanner.

differer on offsec.tools
differer

differer finds how URLs are parsed by different languages in order to help bug hunters break filters.

See-SURF on offsec.tools
See-SURF

Detect Vulnerable SSRF parameters.

Ground control on offsec.tools
Ground control

A collection of scripts mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.

lorsrf on offsec.tools
lorsrf

Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load.

#oob   #ssrf  

sentrySSRF on offsec.tools
sentrySSRF

Searching for Sentry config on page or in Javascript files and check blind SSRF.

#sentry   #ssrf  

grafana-ssrf on offsec.tools
grafana-ssrf

Authenticated SSRF in Grafana.

SSRF Detector on offsec.tools
SSRF Detector

Server-side request forgery detector.

#ssrf  

gaussrf on offsec.tools
gaussrf

Fetch known URLs from several sources and Filter Urls With OpenRedirection or SSRF Parameters.

Extended SSRF search on offsec.tools
Extended SSRF search

Smart SSRF scanner using different methods like parameter brute forcing in POST and GET.

B-XSSRF on offsec.tools
B-XSSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF.

httprebind on offsec.tools
httprebind

Automatic tool for DNS rebinding-based SSRF attacks.

SSRFire on offsec.tools
SSRFire

An automated SSRF finder. Just give the domain name and your server and chill!

Gopherus on offsec.tools
Gopherus

Generates gopher link for exploiting SSRF and gaining RCE in various servers.

SSRFmap on offsec.tools
SSRFmap

Automatic SSRF fuzzer and exploitation tool.

SSRFTest on offsec.tools
SSRFTest

SSRF testing tool.