{"id":20041444,"url":"https://github.com/mindpatch/lorsrf","last_synced_at":"2025-04-06T04:13:48.215Z","repository":{"id":58833107,"uuid":"272723443","full_name":"MindPatch/lorsrf","owner":"MindPatch","description":"Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:","archived":false,"fork":false,"pushed_at":"2024-09-22T21:20:09.000Z","size":221,"stargazers_count":293,"open_issues_count":0,"forks_count":43,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-03-27T12:13:21.164Z","etag":null,"topics":["blindssrf","bruteforce","bugbounty","fuzzing","hacking","penetration-testing","pentesting","rust","ssrf","websecurity"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MindPatch.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-06-16T14:01:35.000Z","updated_at":"2025-02-28T21:49:52.000Z","dependencies_parsed_at":"2024-11-12T18:02:38.826Z","dependency_job_id":"3394e676-bb65-419d-8237-e16a91b7d502","html_url":"https://github.com/MindPatch/lorsrf","commit_stats":null,"previous_names":["knassar702/lorsrf"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MindPatch%2Florsrf","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MindPatch%2Florsrf/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MindPatch%2Florsrf/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MindPatch%2Florsrf/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MindPatch","download_url":"https://codeload.github.com/MindPatch/lorsrf/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247430883,"owners_count":20937874,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blindssrf","bruteforce","bugbounty","fuzzing","hacking","penetration-testing","pentesting","rust","ssrf","websecurity"],"created_at":"2024-11-13T10:46:38.866Z","updated_at":"2025-04-06T04:13:48.105Z","avatar_url":"https://github.com/MindPatch.png","language":"Rust","readme":"# LORSRF - 2.1\n![screenshot](.github/workflows/screen.png)\n\n***\nLorsrf is a powerful web penetration testing tool designed to identify parameters that can be exploited for SSRF or Out-of-band resource load attacks. By adding an OAST host like Burp Collaborator to the parameter value, Lorsrf can generate an HTTP request that is received in Burp Collaborator, without any actual information about the target.\n\nTo address this issue, Lorsrf includes a feature that allows you to add specific pieces of target information as variables in your OAST host. This allows you to more easily identify vulnerable parameters and endpoints, ultimately making it easier to secure your web applications.\n\nIn addition to the above, Lorsrf also allows you to include additional information in your OAST host using special variables. For example, you can include the endpoint of your target domain, the query of the URL, the current request method, and more.\n\nOverall, Lorsrf is a powerful tool that can be customized to meet your specific web pen-testing needs. Whether you're looking to identify and fix vulnerabilities in your own web applications or assess the security of third-party web apps, Lorsrf is a valuable addition to any pen-testing toolkit.\n\n| Variable      | Description |\n| ----------- | ----------- |\n| %PARAM%      | the guessed parameter      |\n| %PATH%   |  the endpoint of your target domain |\n| %HOST%   | the scanning host |\n| %QUERY% | the query of the url |\n| %METHOD% | Current METHOD |\n\nYou can use these to include more information in your OAST host:\n\n```\ntarget: http://testphp.vulnweb.com/showimage.php\npayload: http://%HOST%.%PARAM%.testing.interactsh.com%PATH%\noutput: http://testphp.vulnweb.com.file.testing.interactsh.com/showimage.php\n```\n\nBy default lorsrf uses the GET method; if you want the POST method with a form body or JSON, add these flags:\n\n```bash\n$ lorsrf --json --form\n```\n\nIf you want POST only, add the `--post-only` flag.\n\n\n### Install\n1. install the latest version of Rust from https://www.rust-lang.org/tools/install\n2. run these commands\n```bash\n\u003e\u003e\u003e apt install gcc pkg-config libssl-dev\n\u003e\u003e\u003e cargo install --git https://github.com/knassar702/lorsrf\n```\nor download it from the release page\n\n#### Examples\n\n```\n$ lorsrf --urls targets.txt -c \"http://myhost.com\" --wordlist params.txt\n```\n\n* json\n\n```\n$ lorsrf --urls targets.txt -c \"http://myhost.com\" --wordlist params.txt --json\n```\n\n* form\n\n```\n$ lorsrf --urls targets.txt -c \"http://myhost.com\" --wordlist params.txt --form\n```\n\n\nParameter scanner without guessing:\n\n```bash\n$ waybackurls http://testphp.vulnweb.com \u003e urls.txt\n$ lorsrf --urls urls.txt -c \"http://myhost.com\" --wordlist params.txt\n```\n\n\n* Video: [demo](https://twitter.com/knassar702/status/1472566701027901450)\n\nMore options:\n\n```bash\nLorsrf 2.0\nKhaled Nassar \u003cknassar702@gmail.com\u003e\nSSRF Parameter BruteForce Tool\n\nUSAGE:\n    lorsrf [FLAGS] [OPTIONS] --call \u003chost\u003e --urls \u003ctargets\u003e\n\nFLAGS:\n    -f, --form         Use x-www-form-urlencoded requests via POST method\n    -h, --help         Prints help information\n    -j, --json         Use JSON requests via POST method\n        --post-only    POST method only\n    -V, --version      Prints version information\n\nOPTIONS:\n    -H, --headers \u003cheaders\u003e      Your Headers [default: ]\n    -c, --call \u003chost\u003e            Your The OAST Host (burpsuite collaborator or interactsh.com)\n    -p, --proxy \u003cproxy\u003e          SendProxy [default: ]\n    -u, --urls \u003ctargets\u003e         Your Targets list\n        --threads \u003cthreads\u003e      Your Threads [default: 10]\n    -t, --timeout \u003ctimeout\u003e      Set the Timeout of the requests [default: 10]\n    -w, --wordlist \u003cwordlist\u003e    Your Parameters Wordlist\n```\n\n\n### TODO-LIST\n* https://github.com/knassar702/lorsrf/projects/1\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmindpatch%2Florsrf","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmindpatch%2Florsrf","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmindpatch%2Florsrf/lists"}