ssrf tools on offsec.tools

Featured

SSRF Sheriff

A simple SSRF-testing sheriff written in Go.

#ssrf #vulnerabilities

SSRFPwned

Checks for SSRF using custom payloads after fetching URLs from sources & applying complex patterns.

#payloads #ssrf

autoSSRF

Smart context-based SSRF vulnerability scanner.

#scanner #ssrf

differer

differer finds how URLs are parsed by different languages in order to help bug hunters break filters.

#endpoints #ssrf #utils

See-SURF

Detect Vulnerable SSRF parameters.

#dns #http #parameters #scanner #ssrf

Ground control

A collection of scripts mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.

#debug #ssrf #vulnerabilities #xss #xxe

lorsrf

Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load.

#oob #ssrf

sentrySSRF

Searching for Sentry config on page or in Javascript files and check blind SSRF.

#sentry #ssrf

grafana-ssrf

Authenticated SSRF in Grafana.

#azure #cloud #exploits #google #grafana #ssrf

SSRF Detector

Server-side request forgery detector.

#ssrf

gaussrf

Fetch known URLs from several sources and Filter Urls With OpenRedirection or SSRF Parameters.

#endpoints #openredirect #ssrf

Extended SSRF search

Smart SSRF scanner using different methods like parameter brute forcing in POST and GET.

#scanner #ssrf #vulnerabilities

B-XSSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF.

#ssrf #vulnerabilities #xss #xxe

httprebind

Automatic tool for DNS rebinding-based SSRF attacks.

#aws #google #ssrf #vulnerabilities

SSRFire

An automated SSRF finder. Just give the domain name and your server and chill!

#openredirect #ssrf #xss

Gopherus

Generates gopher link for exploiting SSRF and gaining RCE in various servers.

#exploits #rce #shell #ssrf #vulnerabilities

SSRFmap

Automatic SSRF fuzzer and exploitation tool.

#exploits #fuzzing #ssrf #vulnerabilities

SSRFTest

SSRF testing tool.

#ssrf #vulnerabilities

A vast collection of security tools for bug bounty, pentest and red teaming

#ssrf