Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Projects in Awesome Lists tagged with ssrf

A curated list of projects in awesome lists tagged with ssrf .

https://github.com/nahamsec/resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss

Last synced: 30 Sep 2024

https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

A list of resources for those interested in getting started in bug bounties

bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss

Last synced: 31 Jul 2024

https://github.com/tarunkant/gopherus

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

fastcgi github-rce gopher memcache mysql postgresql rce redis smtp ssrf zabbix

Last synced: 30 Sep 2024

https://github.com/tarunkant/Gopherus

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

fastcgi github-rce gopher memcache mysql postgresql rce redis smtp ssrf zabbix

Last synced: 01 Aug 2024

https://github.com/cujanovic/ssrf-testing

SSRF (Server Side Request Forgery) testing resources

pentest pentest-tool pentesting server-side-request-forgery ssrf

Last synced: 01 Aug 2024

https://github.com/JoyChou93/java-sec-code

Java web common vulnerabilities and security code which is base on springboot and spring security

benchmark code cors deserialize java jsonp rce rmi security spel sqli ssrf tomcat web xxe

Last synced: 04 Aug 2024

https://github.com/joychou93/java-sec-code

Java web common vulnerabilities and security code which is base on springboot and spring security

benchmark code cors deserialize java jsonp rce rmi security spel sqli ssrf tomcat web xxe

Last synced: 01 Oct 2024

https://github.com/cn-panda/JavaCodeAudit

Getting started with java code auditing 代码审计入门的小项目

code fastjson jackson java rce sql ssrf vulnerability-analysis weblogic xss

Last synced: 02 Aug 2024

https://github.com/incredibleindishell/ssrf_vulnerable_lab

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

attack exploitation hacking lab server-side-request-forgery ssrf web-security

Last synced: 01 Aug 2024

https://github.com/YagamiiLight/Cerberus

一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

bypass hacking-tool middleware penetration-testing proxy python security-tools sql-injection ssrf waf websecurity xss

Last synced: 04 Aug 2024

https://github.com/Li4n0/revsuit

RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.

bug-bounty dnslog oob out-of-band pentest-tool rce reverse-connection ssrf xxe

Last synced: 04 Aug 2024

https://github.com/chennqqi/godnslog

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

dnslog rce rfi ssrf vulnerability webscan xss xxe

Last synced: 04 Aug 2024

https://github.com/bcoles/ssrf_proxy

SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.

magic proxy ssrf ssrf-proxy

Last synced: 03 Aug 2024

https://github.com/tangxiaofeng7/SecExample

JAVA 漏洞靶场 (Vulnerability Environment For Java)

cors csrf docker fastjson java rce springboot sqlinjection ssrf vulnerability xss-vulnerability

Last synced: 04 Aug 2024

https://github.com/sqlsec/ssrf-vuls

国光的手把手带你用 SSRF 打穿内网靶场源码

ssrf vulhub websecurity

Last synced: 04 Aug 2024

https://github.com/pikpikcu/XRCross

XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities

bugbounty bugbounty-tool check-subdomains cors cors-scanner lfi rce recon scanners sqli ssrf subdomain-enumeration takeover-subdomain xss-scanner xss-vulnerability

Last synced: 04 Aug 2024

https://github.com/teknogeek/ssrf-sheriff

A simple SSRF-testing sheriff written in Go

bugbounty go ssrf

Last synced: 01 Aug 2024

https://github.com/knassar702/lorsrf

Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:

blindssrf bruteforce bugbounty fuzzing hacking penetration-testing pentesting rust ssrf websecurity

Last synced: 01 Aug 2024

https://github.com/Tr3jer/dnsAutoRebinding

ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6

dns rebinding ssrf

Last synced: 04 Aug 2024

https://github.com/ryandamour/ssrfuzz

SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities

bugbounty security ssrf

Last synced: 04 Aug 2024

https://github.com/herwonowr/exprolog

ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

cve-2021-26855 cve-2021-27065 microsoft-exchange microsoft-exchange-proxylogon poc proxylogon rce ssrf

Last synced: 04 Aug 2024

https://github.com/0xAwali/Blind-SSRF

Nuclei Templates to reproduce Cracking the lens's Research

blindssrf bugbounty nuclei nuclei-templates ssrf web-security

Last synced: 04 Aug 2024

https://github.com/BitTheByte/Eagle

Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

bugbounty bugcrowd cve ftp hackerone hacking python ssrf takeover xss

Last synced: 01 Aug 2024

https://github.com/kljunowsky/CVE-2022-41040-POC

CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server

bug-bounty bugbounty cve-2022-41040 exploit hacking microsoft microsoft-exchange poc proof-of-concept security ssrf

Last synced: 04 Aug 2024

https://github.com/Al1ex/CVE-2020-36179

CVE-2020-36179~82 Jackson-databind SSRF&RCE

cve-2020-36179 jackson-databind rce ssrf

Last synced: 04 Aug 2024

https://github.com/arkadiyt/ssrf_filter

A ruby gem for defending against Server Side Request Forgery (SSRF) attacks

gem ruby server-side-request-forgery ssrf

Last synced: 03 Aug 2024

https://github.com/R0X4R/ssrf-tool

An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.

bugbounty bugbounty-tool bugbountytips go ssrf ssrf-tool tools

Last synced: 04 Aug 2024

https://github.com/e1abrador/Burp-Encode-IP

Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.

bugbounty bugbounty-tool bugbountytips bypass open-redirect red-team red-team-tools ssrf

Last synced: 04 Aug 2024

https://github.com/junnlikestea/bulkssrf

Tests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.

async bugbounty-tool rust ssrf tokio-rs

Last synced: 04 Aug 2024

https://github.com/tirkarthi/clj-http-ssrf

A clj-http middleware to prevent SSRF attacks

clj-http-middleware clojure ssrf

Last synced: 02 Oct 2024

https://github.com/hupe1980/gopherfy

Tool to generate gopher links for exploiting SSRF

exploit fastcgi gopher http mysql postgresql smtp ssrf

Last synced: 01 Oct 2024