SSRFmap
Web exploitation tool
Automates exploiting vulnerabilities in web applications to execute arbitrary actions on their behalf
Automatic SSRF fuzzer and exploitation tool
3k stars
55 watching
530 forks
Language: Python
last commit: 9 months ago
Linked from 1 awesome list
ctfexploitationhacktoberfestpentestserver-side-request-forgeryssrfssrfmapvulnerability
vavkamil/awesome-bugbounty-toolsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 tarunkant/gopherus | A tool for generating Gopher payloads to exploit SSRF vulnerabilities and gain RCE on various servers | 2,909 |
 manisso/fsociety | A comprehensive collection of hacking tools and scripts for penetration testing and vulnerability assessment | 10,698 |
 damian89/extended-ssrf-search | An SSRF scanner written in Python to identify potential vulnerabilities by scanning predefined settings in URLs and request headers. | 276 |
 xmendez/wfuzz | A tool to automatically generate and test web application inputs for security vulnerabilities | 5,978 |
 rsactftool/rsactftool | Tools for decrypting data from weak RSA keys and recovering private keys using various integer factorization algorithms. | 5,800 |
 0xinfection/xsrfprobe | A toolkit designed to test and exploit Cross-Site Request Forgery vulnerabilities in websites. | 1,116 |
 fuzzdb-project/fuzzdb | A comprehensive toolset for identifying and exploiting application vulnerabilities through dynamic testing | 8,288 |
 ksharinarayanan/ssrfire | An automated tool to discover potential Server-Side Request Forgery (SSRF) vulnerabilities in web applications by scanning the domain for open redirects and testing for cross-site scripting (XSS) | 953 |
 randomrobbiebf/grafana-ssrf | A tool to demonstrate and exploit authenticated SSRF vulnerabilities in Grafana | 78 |
 incredibleindishell/ssrf_vulnerable_lab | A laboratory repository demonstrating vulnerable PHP code examples for Server-Side Request Forgery (SSRF) attacks | 679 |
 secdev/scapy | A Python-based tool for interactive packet manipulation and analysis | 10,870 |
 threat9/routersploit | An exploitation framework designed to aid in the testing of embedded devices' vulnerabilities | 12,253 |
 jiangsir404/xss-sql-fuzz | Automates fuzzing of XSS and SQL injection vulnerabilities in web applications using Burp Suite extensions. | 61 |
 evyatarmeged/raccoon | A high-performance tool for reconnaissance and vulnerability scanning of web applications and networks | 3,105 |
 fatedier/frp | An open source tool that exposes local servers behind firewalls or NATs to the internet | 87,642 |