SSRFire
SSRF scanner
An automated tool to discover potential Server-Side Request Forgery (SSRF) vulnerabilities in web applications by scanning the domain for open redirects and testing for cross-site scripting (XSS)
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
944 stars
25 watching
158 forks
Language: Shell
last commit: almost 3 years ago
Linked from 1 awesome list
vavkamil/awesome-bugbounty-toolsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 damian89/extended-ssrf-search | An SSRF scanner written in Python to identify potential vulnerabilities by scanning predefined settings in URLs and request headers. | 274 |
 jacobreynolds/ssrfdetector | A web application that detects and warns users about potential Server-side Request Forgery (SSRF) vulnerabilities. | 149 |
 kathanp19/gaussrf | A tool for identifying potential vulnerabilities in websites by fetching known URLs and filtering out ones with open redirects or SSRF parameters. | 165 |
 mindpatch/lorsrf | A tool designed to identify parameters in web applications that can be exploited for SSRF or out-of-band resource load attacks. | 289 |
 teknogeek/ssrf-sheriff | A tool designed to test and simulate Server-Side Request Forgery (SSRF) vulnerabilities by generating responses with configurable secret tokens | 315 |
 incredibleindishell/ssrf_vulnerable_lab | A laboratory repository demonstrating vulnerable PHP code examples for Server-Side Request Forgery (SSRF) attacks | 670 |
 assetnote/surf | A tool that identifies and filters potential Server-Side Request Forgery (SSRF) vulnerabilities in cloud environments by probing external hosts. | 533 |
 randomrobbiebf/grafana-ssrf | A tool to demonstrate and exploit authenticated SSRF vulnerabilities in Grafana | 77 |
 spidermate/b-xssrf | A toolkit to detect and track vulnerabilities in web applications | 295 |
 serain/mailspoof | A tool to analyze and report on SPF and DMARC record issues for potential email spoofing vulnerabilities. | 127 |
 r0075h3ll/oralyzer | A tool to identify vulnerabilities in web applications by probing for Open Redirections and other types of attacks. | 753 |
 asaiken/dom-based-xss-finder | Tools for identifying and exploiting vulnerabilities in DOM-based cross-site scripting attacks. | 70 |
 xawdxawdx/sentryssrf | A tool to search for and exploit Sentry configuration vulnerabilities in web applications | 67 |
 mandatoryprogrammer/xsshunter_client | An instrument used to hunt and identify cross-site scripting (XSS) vulnerabilities by tracking correlated requests and payloads. | 249 |
 hahwul/xspear | Automated testing tool for identifying vulnerabilities in web applications via cross-site scripting (XSS) attacks | 1,201 |