Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSRF
☆132Sep 6, 2024Updated last year
Alternatives and similar repositories for SSRFPwned
Users that are interested in SSRFPwned are comparing it to the libraries listed below
Sorting:
- Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs …☆259Apr 3, 2025Updated 11 months ago
- ScopeHunter is a command-line tool for finding in scope targets for bug bounty programs.☆74Sep 6, 2024Updated last year
- Powershell shellcode one-liner. Powershell免杀一句话上线器便捷生成☆54Aug 13, 2023Updated 2 years ago
- XSSRocket it is a tool designed for offensive security and XSS (Cross-Site Scripting) attacks.☆162Oct 11, 2024Updated last year
- NetFuzzer is a comprehensive network security assessment tool for internal and external network components, including Host Machines, Fire…☆15Aug 4, 2025Updated 7 months ago
- This repository is to provide a write-up and PoC for CVE-2023-41717.☆12Aug 31, 2023Updated 2 years ago
- Convert domain lists to resolved IP without duplicated, useful for strong large recon, and Bug Bounty☆13Apr 30, 2021Updated 4 years ago
- LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities☆299Jan 7, 2024Updated 2 years ago
- it is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web pag…☆116Jul 18, 2023Updated 2 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago
- The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.☆16Apr 5, 2024Updated last year
- ScanExp automates the scanning of any machine's open ports via the ip address and performs a brute force attack on ports 20, 21 for the F…☆26Oct 14, 2023Updated 2 years ago
- A Tool for Bug Bounty Hunters that uses Passive and Active Techniques to fetch URLs as a strong Recon, so you can then create Attack Vect…☆76Sep 6, 2024Updated last year
- ☆13Dec 21, 2023Updated 2 years ago
- There were no proper POCs for CVE-2023-30533 so I made one. (Reported by Vsevolod Kokorin)☆12Aug 9, 2023Updated 2 years ago
- A 1 Liner SQL Injection Attack using SQLMAP and various parameters that helps quickly check for a vulnerabilities during Bug Bounty☆41Sep 6, 2024Updated last year
- TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in you…☆296Sep 6, 2024Updated last year
- This bash script tool, will perform advanced subdomain enumeration, save the results, it will then probe the subdomains into urls, save t…☆25Sep 6, 2024Updated last year
- It is a tool for scanning and exploiting the famous SQL injection vulnerability in more than millions of sites. The exploit was programme…☆66Jul 1, 2024Updated last year
- Dump Windows SAM hashes☆42Aug 9, 2023Updated 2 years ago
- CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based t…☆130Feb 17, 2026Updated 2 weeks ago
- ☆14Mar 20, 2025Updated 11 months ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- masscan with exclusive excludes☆58Nov 8, 2023Updated 2 years ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆46Mar 4, 2024Updated 2 years ago
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆26Jul 14, 2024Updated last year
- An AIO Tool to check for Vulnerable Amazon S3 Buckets as part of Bug Bounty, the uniqueness of this tool is that it can take a file full …☆44Sep 6, 2024Updated last year
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆262Jul 6, 2025Updated 7 months ago
- SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accu…☆241Sep 6, 2024Updated last year
- Duplicate not owned Token from Running Process☆74Jul 21, 2023Updated 2 years ago
- Black Hat Ethical Hacking - Official Theme for Conky Manager☆18Sep 6, 2024Updated last year
- The remediation script should set the reg entries described in https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 . The…☆27Jul 21, 2023Updated 2 years ago
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆356Dec 14, 2023Updated 2 years ago
- An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️☆45Mar 24, 2025Updated 11 months ago
- Simple-XSS is a multiplatform cross-site scripting (XSS) vulnerability exploitation tool.☆48Jul 2, 2025Updated 8 months ago
- 📲 Apepe is a project developed to help to capture informations from a Android app through his APK file. It can be used to extract the co…☆140Oct 15, 2025Updated 4 months ago
- Certina is an OSINT tool for red teamers and bug hunters to discover subdomains from web certificate data☆52Mar 7, 2024Updated last year
- Who We Are☆22Sep 6, 2024Updated last year
- DrShell is a cutting-edge tool designed for the dynamic management of reverse shell sessions. Whether you are a seasoned security profess…☆16Aug 20, 2025Updated 6 months ago