Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with ssrf
A curated list of projects in awesome lists tagged with ssrf .
https://github.com/nahamsec/resources-for-beginner-bug-bounty-hunters
A list of resources for those interested in getting started in bug bounties
bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss
Last synced: 30 Sep 2024
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss
Last synced: 31 Jul 2024
https://github.com/swisskyrepo/ssrfmap
Automatic SSRF fuzzer and exploitation tool
ctf exploitation hacktoberfest pentest server-side-request-forgery ssrf ssrfmap vulnerability
Last synced: 30 Sep 2024
https://github.com/swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
ctf exploitation hacktoberfest pentest server-side-request-forgery ssrf ssrfmap vulnerability
Last synced: 01 Aug 2024
https://github.com/tarunkant/gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
fastcgi github-rce gopher memcache mysql postgresql rce redis smtp ssrf zabbix
Last synced: 30 Sep 2024
https://github.com/tarunkant/Gopherus
This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
fastcgi github-rce gopher memcache mysql postgresql rce redis smtp ssrf zabbix
Last synced: 01 Aug 2024
https://github.com/cujanovic/ssrf-testing
SSRF (Server Side Request Forgery) testing resources
pentest pentest-tool pentesting server-side-request-forgery ssrf
Last synced: 01 Aug 2024
https://github.com/incredibleindishell/ssrf_vulnerable_lab
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
attack exploitation hacking lab server-side-request-forgery ssrf web-security
Last synced: 01 Aug 2024
https://github.com/YagamiiLight/Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
bypass hacking-tool middleware penetration-testing proxy python security-tools sql-injection ssrf waf websecurity xss
Last synced: 04 Aug 2024
https://github.com/Li4n0/revsuit
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
bug-bounty dnslog oob out-of-band pentest-tool rce reverse-connection ssrf xxe
Last synced: 04 Aug 2024
https://github.com/chennqqi/godnslog
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
dnslog rce rfi ssrf vulnerability webscan xss xxe
Last synced: 04 Aug 2024
https://github.com/Dliv3/redis-rogue-server
Redis 4.x/5.x RCE
rce redis redis-rogue-server redis-unauthorized-access remote-code-execution ssrf
Last synced: 04 Aug 2024
https://github.com/bcoles/ssrf_proxy
SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.
Last synced: 03 Aug 2024
https://github.com/tangxiaofeng7/SecExample
JAVA 漏洞靶场 (Vulnerability Environment For Java)
cors csrf docker fastjson java rce springboot sqlinjection ssrf vulnerability xss-vulnerability
Last synced: 04 Aug 2024
https://github.com/pikpikcu/XRCross
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
bugbounty bugbounty-tool check-subdomains cors cors-scanner lfi rce recon scanners sqli ssrf subdomain-enumeration takeover-subdomain xss-scanner xss-vulnerability
Last synced: 04 Aug 2024
https://github.com/teknogeek/ssrf-sheriff
A simple SSRF-testing sheriff written in Go
Last synced: 01 Aug 2024
https://github.com/knassar702/lorsrf
Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:
blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity
Last synced: 01 Aug 2024
https://github.com/Tr3jer/dnsAutoRebinding
ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6
Last synced: 04 Aug 2024
https://github.com/ryandamour/ssrfuzz
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities
Last synced: 04 Aug 2024
https://github.com/herwonowr/exprolog
ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
cve-2021-26855 cve-2021-27065 microsoft-exchange microsoft-exchange-proxylogon poc proxylogon rce ssrf
Last synced: 04 Aug 2024
https://github.com/0xAwali/Blind-SSRF
Nuclei Templates to reproduce Cracking the lens's Research
blindssrf bugbounty nuclei nuclei-templates ssrf web-security
Last synced: 04 Aug 2024
https://github.com/kljunowsky/CVE-2022-41040-POC
CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server
bug-bounty bugbounty cve-2022-41040 exploit hacking microsoft microsoft-exchange poc proof-of-concept security ssrf
Last synced: 04 Aug 2024
https://github.com/Al1ex/CVE-2020-36179
CVE-2020-36179~82 Jackson-databind SSRF&RCE
cve-2020-36179 jackson-databind rce ssrf
Last synced: 04 Aug 2024
https://github.com/arkadiyt/ssrf_filter
A ruby gem for defending against Server Side Request Forgery (SSRF) attacks
gem ruby server-side-request-forgery ssrf
Last synced: 03 Aug 2024
https://github.com/knassar702/hacking-lab
Small Vulnerable Web App
bugbounty cmdinjection flask hackable hacking-lab openredirect python sqlinjection ssrf ssti uploadfile xss
Last synced: 04 Aug 2024
https://github.com/R0X4R/ssrf-tool
An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.
bugbounty bugbounty-tool bugbountytips go ssrf ssrf-tool tools
Last synced: 04 Aug 2024
https://github.com/e1abrador/Burp-Encode-IP
Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.
bugbounty bugbounty-tool bugbountytips bypass open-redirect red-team red-team-tools ssrf
Last synced: 04 Aug 2024
https://github.com/junnlikestea/bulkssrf
Tests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.
async bugbounty-tool rust ssrf tokio-rs
Last synced: 04 Aug 2024
https://github.com/tirkarthi/clj-http-ssrf
A clj-http middleware to prevent SSRF attacks
clj-http-middleware clojure ssrf
Last synced: 02 Oct 2024
https://github.com/hupe1980/gopherfy
Tool to generate gopher links for exploiting SSRF
exploit fastcgi gopher http mysql postgresql smtp ssrf
Last synced: 01 Oct 2024