Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/daeken/SSRFTest
SSRF testing tool
https://github.com/daeken/SSRFTest
Last synced: 21 days ago
JSON representation
SSRF testing tool
- Host: GitHub
- URL: https://github.com/daeken/SSRFTest
- Owner: daeken
- License: mit
- Created: 2019-03-23T16:20:14.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2022-12-08T02:30:41.000Z (about 2 years ago)
- Last Synced: 2024-08-05T17:36:48.586Z (4 months ago)
- Language: Python
- Size: 71.3 KB
- Stars: 240
- Watchers: 10
- Forks: 46
- Open Issues: 11
-
Metadata Files:
- Readme: readme.md
- License: license.txt
Awesome Lists containing this project
- awesome-hacking-lists - daeken/SSRFTest - SSRF testing tool (Python)
README
Welcome to SSRFTest
===================
Installation
------------
1. Clone the repo
2. Generate a random 64-byte ASCII string (I typically just run `import random; ''.join('%02x' % random.randrange(256) for i in xrange(32))` at the Python interpreter)
3. Put that string into main.py on the line `app.secret_key = key = 'SECRET HERE'`
4. (Optional) Change the database password in docker-compose.yml and model.py -- default is `dbpassword`. This is not exposed to the outside so it's largely irrelevant
5. Search for `ssrftest.com` and replace it with the IP/domain you're hosting this on
6. Install Docker and Docker Compose
7. Run `./build-docker.sh`
8. Run `docker-compose up`
9. ???
10. Profit