SSRFmap
Web exploitation tool
Automates exploiting vulnerabilities in web applications to execute arbitrary actions on their behalf
Automatic SSRF fuzzer and exploitation tool
3k stars
55 watching
523 forks
Language: Python
last commit: 6 months ago
Linked from 1 awesome list
ctfexploitationhacktoberfestpentestserver-side-request-forgeryssrfssrfmapvulnerability
Related projects:
Repository | Description | Stars |
---|---|---|
tarunkant/gopherus | A tool for generating Gopher payloads to exploit SSRF vulnerabilities and gain RCE on various servers | 2,873 |
manisso/fsociety | A comprehensive collection of hacking tools and scripts for penetration testing and vulnerability assessment | 10,637 |
damian89/extended-ssrf-search | An SSRF scanner written in Python to identify potential vulnerabilities by scanning predefined settings in URLs and request headers. | 274 |
xmendez/wfuzz | A tool to automatically generate and test web application inputs for security vulnerabilities | 5,967 |
rsactftool/rsactftool | Tools for decrypting data from weak RSA keys and recovering private keys using various integer factorization algorithms. | 5,756 |
0xinfection/xsrfprobe | A toolkit designed to test and exploit Cross-Site Request Forgery vulnerabilities in websites. | 1,109 |
fuzzdb-project/fuzzdb | A comprehensive toolset for identifying and exploiting application vulnerabilities through dynamic testing | 8,242 |
ksharinarayanan/ssrfire | An automated tool to discover potential Server-Side Request Forgery (SSRF) vulnerabilities in web applications by scanning the domain for open redirects and testing for cross-site scripting (XSS) | 944 |
randomrobbiebf/grafana-ssrf | A tool to demonstrate and exploit authenticated SSRF vulnerabilities in Grafana | 77 |
incredibleindishell/ssrf_vulnerable_lab | A laboratory repository demonstrating vulnerable PHP code examples for Server-Side Request Forgery (SSRF) attacks | 670 |
secdev/scapy | A Python-based tool for interactive packet manipulation and analysis | 10,771 |
threat9/routersploit | An exploitation framework designed to aid in the testing of embedded devices' vulnerabilities | 12,208 |
jiangsir404/xss-sql-fuzz | Automates fuzzing of XSS and SQL injection vulnerabilities in web applications using Burp Suite extensions. | 60 |
evyatarmeged/raccoon | A high-performance tool for reconnaissance and vulnerability scanning of web applications and networks | 3,091 |
fatedier/frp | An open source tool that exposes local servers behind firewalls or NATs to the internet | 86,756 |