SSRFmap

Web exploitation tool

Automates exploiting vulnerabilities in web applications to execute arbitrary actions on their behalf

Automatic SSRF fuzzer and exploitation tool

GitHub

3k stars
55 watching
523 forks
Language: Python
last commit: 6 months ago
Linked from 1 awesome list

ctfexploitationhacktoberfestpentestserver-side-request-forgeryssrfssrfmapvulnerability

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
tarunkant/gopherus A tool for generating Gopher payloads to exploit SSRF vulnerabilities and gain RCE on various servers 2,873
manisso/fsociety A comprehensive collection of hacking tools and scripts for penetration testing and vulnerability assessment 10,637
damian89/extended-ssrf-search An SSRF scanner written in Python to identify potential vulnerabilities by scanning predefined settings in URLs and request headers. 274
xmendez/wfuzz A tool to automatically generate and test web application inputs for security vulnerabilities 5,967
rsactftool/rsactftool Tools for decrypting data from weak RSA keys and recovering private keys using various integer factorization algorithms. 5,756
0xinfection/xsrfprobe A toolkit designed to test and exploit Cross-Site Request Forgery vulnerabilities in websites. 1,109
fuzzdb-project/fuzzdb A comprehensive toolset for identifying and exploiting application vulnerabilities through dynamic testing 8,242
ksharinarayanan/ssrfire An automated tool to discover potential Server-Side Request Forgery (SSRF) vulnerabilities in web applications by scanning the domain for open redirects and testing for cross-site scripting (XSS) 944
randomrobbiebf/grafana-ssrf A tool to demonstrate and exploit authenticated SSRF vulnerabilities in Grafana 77
incredibleindishell/ssrf_vulnerable_lab A laboratory repository demonstrating vulnerable PHP code examples for Server-Side Request Forgery (SSRF) attacks 670
secdev/scapy A Python-based tool for interactive packet manipulation and analysis 10,771
threat9/routersploit An exploitation framework designed to aid in the testing of embedded devices' vulnerabilities 12,208
jiangsir404/xss-sql-fuzz Automates fuzzing of XSS and SQL injection vulnerabilities in web applications using Burp Suite extensions. 60
evyatarmeged/raccoon A high-performance tool for reconnaissance and vulnerability scanning of web applications and networks 3,091
fatedier/frp An open source tool that exposes local servers behind firewalls or NATs to the internet 86,756