A Complete SSRF (Server Side Request Forgery) Scanner.
☆41Dec 1, 2025Updated 3 months ago
Alternatives and similar repositories for SSRF-Scanner
Users that are interested in SSRF-Scanner are comparing it to the libraries listed below
Sorting:
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …☆35Dec 13, 2023Updated 2 years ago
- Describe how to use ffuf different options with examples☆13Jun 13, 2022Updated 3 years ago
- This Repo clone and organize all nuclei templates that are found in Github. { due to git runner time limit stopped the workflow, ping me …☆12Feb 28, 2025Updated last year
- Remote Code Execution EJS Web Applications using express-fileupload☆11Aug 17, 2021Updated 4 years ago
- ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be …☆13May 10, 2022Updated 3 years ago
- ☆12Jun 16, 2021Updated 4 years ago
- Google maps api key checker for pentesting purpose☆28Oct 12, 2022Updated 3 years ago
- Advanced test for proxy & waf☆14Feb 10, 2026Updated 2 weeks ago
- Exploit Proof-of-Concept code for XAMPP v3.3.0 — '.ini' Buffer Overflow (Unicode + SEH)☆14Nov 1, 2023Updated 2 years ago
- ☆12May 31, 2023Updated 2 years ago
- ☆15Dec 27, 2022Updated 3 years ago
- 🎯 SQL Injection Payload List☆10Jun 6, 2021Updated 4 years ago
- An interactive bash script for detecting IDOR vulnerabilities. Automates the discovery of access control issues in web applications, enha…☆14Apr 10, 2025Updated 10 months ago
- Cloudpanel 0-day Exploit☆56Jul 24, 2023Updated 2 years ago
- A simple automation tool to detect lfi, rce and ssti vulnerability☆56Feb 15, 2022Updated 4 years ago
- Tool to extract all subdomains from crt.sh search using RegEx and Web Scraping☆21Jan 5, 2024Updated 2 years ago
- A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference��☆21Apr 14, 2021Updated 4 years ago
- FETB : Take URL of File For Analysis using File + ExifTool + Binwalk Commands☆20Feb 2, 2021Updated 5 years ago
- ThinkPHP vulnerability scan for BurpSuite☆15Nov 18, 2019Updated 6 years ago
- Reflected XSS Payload List for Vue.js (2 & 3)☆15Jan 12, 2023Updated 3 years ago
- word-list, payloads , Resources☆28Oct 17, 2025Updated 4 months ago
- A Python based scanner to find potential SSRF parameters in a web application.☆70Jul 12, 2021Updated 4 years ago
- Automated Recon Tool Installer☆15Jun 29, 2022Updated 3 years ago
- Burp extension used to snip any header from all the requests.☆23Nov 12, 2023Updated 2 years ago
- Passively check for XSS character encodings☆18Feb 7, 2026Updated 3 weeks ago
- ☆16Mar 11, 2024Updated last year
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆112Feb 14, 2022Updated 4 years ago
- ☆40Jul 24, 2022Updated 3 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆17Jan 31, 2021Updated 5 years ago
- Pentest-Command☆20Nov 10, 2021Updated 4 years ago
- The IDOR IN works by systematically scanning a target web application and examining various endpoints, parameters, and data access points…☆23Jun 25, 2023Updated 2 years ago
- A tool which allows HackerOne researchers to download their reports into a local, indexed, and searchable repository☆19Sep 29, 2022Updated 3 years ago
- A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.☆55Jun 13, 2023Updated 2 years ago
- an exploit of Server-side request forgery (SSRF)☆52Aug 2, 2024Updated last year
- Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against mal…☆302Dec 30, 2025Updated 2 months ago
- Terminal based fake identity generator.☆26Aug 23, 2023Updated 2 years ago
- AI-based Web Application Penetration Testing Tool☆24Jan 19, 2024Updated 2 years ago
- yscan是一款基于go写的端口扫描工具,集masscan+nmap+wappalyzer+证书于一体☆54Jun 12, 2023Updated 2 years ago
- Finding XSS during recon☆273Sep 13, 2022Updated 3 years ago