incredibleindishell/SSRF_Vulnerable_Lab external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

incredibleindishell/SSRF_Vulnerable_Lab

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/incredibleindishell/SSRF_Vulnerable_Lab)

Close

incredibleindishell / SSRF_Vulnerable_LabView on GitHubMore

• External links
• Readme badge

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

☆765Aug 21, 2023Updated 2 years ago

Alternatives and similar repositories for SSRF_Vulnerable_Lab

Users that are interested in SSRF_Vulnerable_Lab are comparing it to the libraries listed below

• jdonsec / AllThingsSSRF

  View on GitHub
  This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
  ☆1,364Jan 24, 2021Updated 5 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,483Oct 12, 2024Updated last year
• incredibleindishell / CORS-vulnerable-Lab

  View on GitHub
  Sample vulnerable code and its exploit code
  ☆190Mar 14, 2021Updated 5 years ago
• wagiro / BurpBounty

  View on GitHub
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,787Apr 26, 2024Updated last year
• swisskyrepo / SSRFmap

  View on GitHub
  Automatic SSRF fuzzer and exploitation tool
  ☆3,502Sep 4, 2025Updated 6 months ago
• dogangcr / vulnerable-sso

  View on GitHub
  vulnerable single sign on
  ☆149Aug 1, 2024Updated last year
• m6a-UdS / ssrf-lab

  View on GitHub
  Lab for exploring SSRF vulnerabilities
  ☆247May 30, 2021Updated 4 years ago
• SpiderMate / B-XSSRF

  View on GitHub
  Toolkit to detect and keep track on Blind XSS, XXE & SSRF
  ☆293Aug 23, 2019Updated 6 years ago
• c0ny1 / xxe-lab

  View on GitHub
  一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo
  ☆816Nov 28, 2022Updated 3 years ago
• teknogeek / ssrf-sheriff

  View on GitHub
  A simple SSRF-testing sheriff written in Go
  ☆336Oct 31, 2024Updated last year
• ZeddYu / HTTP-Smuggling-Lab

  View on GitHub
  Use HTTP Smuggling Lab to learn HTTP Smuggling.
  ☆346Nov 20, 2022Updated 3 years ago
• snoopysecurity / awesome-burp-extensions

  View on GitHub
  A curated list of amazingly awesome Burp Extensions
  ☆3,377Feb 17, 2026Updated last month
• tarunkant / Gopherus

  View on GitHub
  This tool generates gopher link for exploiting SSRF and gaining RCE in various servers
  ☆3,324Apr 18, 2023Updated 2 years ago
• In3tinct / See-SURF

  View on GitHub
  Security tool to find potential vulnerable Server Side Request Forgery (SSRF) parameters.
  ☆356Feb 13, 2026Updated last month
• enjoiz / XXEinjector

  View on GitHub
  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  ☆1,721Dec 1, 2024Updated last year
• jbarone / xxelab

  View on GitHub
  A simple web app with a XXE vulnerability.
  ☆232Nov 10, 2021Updated 4 years ago
• jaeles-project / jaeles

  View on GitHub
  The Swiss Army knife for automated Web Application Testing
  ☆2,324May 8, 2024Updated last year
• GrrrDog / Java-Deserialization-Cheat-Sheet

  View on GitHub
  The cheat sheet about Java Deserialization vulnerabilities
  ☆3,172May 26, 2023Updated 2 years ago
• securityidiots / CollabOzark

  View on GitHub
  CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.
  ☆136Sep 25, 2019Updated 6 years ago
• GerbenJavado / LinkFinder

  View on GitHub
  A python script that finds endpoints in JavaScript files
  ☆4,300Apr 13, 2024Updated last year
• RenwaX23 / XSS-Payloads

  View on GitHub
  List of XSS Vectors/Payloads
  ☆1,367Jan 14, 2026Updated 2 months ago
• s0md3v / Arjun

  View on GitHub
  HTTP parameter discovery suite.
  ☆6,142Feb 20, 2025Updated last year
• epinna / tplmap

  View on GitHub
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆4,125Apr 21, 2024Updated last year
• 0xInfection / Awesome-WAF

  View on GitHub
  Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥
  ☆7,388Aug 28, 2025Updated 6 months ago
• m6a-UdS / dvca

  View on GitHub
  Damn Vulnerable Cloud Application
  ☆209Sep 12, 2018Updated 7 years ago
• nccgroup / BurpSuiteHTTPSmuggler

  View on GitHub
  A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
  ☆736May 4, 2019Updated 6 years ago
• RhinoSecurityLabs / SleuthQL

  View on GitHub
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆471Nov 14, 2019Updated 6 years ago
• PortSwigger / http-request-smuggler

  View on GitHub
  ☆1,189Jan 21, 2026Updated 2 months ago
• gwen001 / pentest-tools

  View on GitHub
  A collection of custom security tools for quick needs.
  ☆3,286May 1, 2023Updated 2 years ago
• cujanovic / Open-Redirect-Payloads

  View on GitHub
  Open Redirect Payloads
  ☆655Oct 12, 2024Updated last year
• ssl / ezXSS

  View on GitHub
  ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
  ☆2,250Jan 8, 2026Updated 2 months ago
• luisfontes19 / xxexploiter

  View on GitHub
  Tool to help exploit XXE vulnerabilities
  ☆592Feb 4, 2023Updated 3 years ago
• 1N3 / IntruderPayloads

  View on GitHub
  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
  ☆3,904Sep 27, 2021Updated 4 years ago
• ameenmaali / qsfuzz

  View on GitHub
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆303Feb 12, 2023Updated 3 years ago
• streaak / keyhacks

  View on GitHub
  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
  ☆6,101Aug 14, 2024Updated last year
• orangetw / awesome-jenkins-rce-2019

  View on GitHub
  There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
  ☆607May 17, 2019Updated 6 years ago
• s0md3v / AwesomeXSS

  View on GitHub
  Awesome XSS stuff
  ☆5,073Oct 30, 2024Updated last year
• Regala / burp-scope-monitor

  View on GitHub
  Burp Suite Extension to monitor new scope
  ☆200Mar 31, 2021Updated 4 years ago
• daeken / SSRFTest

  View on GitHub
  SSRF testing tool
  ☆246Dec 8, 2022Updated 3 years ago