This is the vulnerable "proxy" I used on this article: http://resources.infosecinstitute.com/the-ssrf-vulnerability/ . A simple, non-validated Curl request. I will also create a script in Python which will allow you to perform the HTTP port scan.
☆14Sep 20, 2016Updated 9 years ago
Alternatives and similar repositories for SSRF-Vulnerable-with-Curl
Users that are interested in SSRF-Vulnerable-with-Curl are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Multiple XSS Pocs (some server via gh-pages)☆16Feb 17, 2017Updated 9 years ago
- web scanner☆23Jan 29, 2019Updated 7 years ago
- 渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss…☆13Jan 8, 2020Updated 6 years ago
- Converts burp's sitemap to sulley's fuzzing script☆11Aug 30, 2015Updated 10 years ago
- PHDAYS |||☆17May 23, 2013Updated 12 years ago
- List (or plunder) private repos/gists to which a token has access, including those of other users☆10Jan 29, 2022Updated 4 years ago
- ☆37Dec 10, 2017Updated 8 years ago
- Microsoft Flow Attack Framework☆23Nov 14, 2019Updated 6 years ago
- Write ups☆16Dec 13, 2017Updated 8 years ago
- HTTPoxy Exploit Scanner by 1N3 @CrowdShield☆104Aug 9, 2017Updated 8 years ago
- Java Binary data Deserializer/Serializer - Convert serialized Java Objects into readable XML☆13Feb 25, 2019Updated 7 years ago
- Use regular expressions to get sensitive information from a given repository (GitHub, pip or npm).☆37Sep 30, 2019Updated 6 years ago
- IDOR bypass fuzz 权限绕过burp 插件 fuzz (shiro 等)☆27Sep 1, 2021Updated 4 years ago
- Compiled binaries of various security tools☆14May 19, 2021Updated 4 years ago
- ☆12Dec 26, 2017Updated 8 years ago
- The official repo of BSIS☆14Feb 16, 2012Updated 14 years ago
- Provide a sort of shell-ish interface to make file directory traversal quicker and easier.☆24Jan 1, 2017Updated 9 years ago
- Artefacts from various retefe campaigns☆10Mar 9, 2019Updated 7 years ago
- ☆10Mar 29, 2024Updated last year
- Forked and updated with some additional features over the original☆17Mar 30, 2021Updated 4 years ago
- An intentionally vulnerable Web-Application based on OWASP 2013 Top 10 List.☆11Aug 1, 2024Updated last year
- Memory fuzzing based on sinn3r's In Memory Fuzzer☆25Mar 1, 2012Updated 14 years ago
- Linux kernel exploit☆13Oct 6, 2021Updated 4 years ago
- Chrome Extension for XSS Hunter Payloads☆42Sep 7, 2016Updated 9 years ago
- 轻量级漏洞验证和利用框架☆32May 10, 2022Updated 3 years ago
- introduction to distributed scanning using vultr☆10Apr 29, 2017Updated 8 years ago
- Materials for the BSides NoVA/Charleston 2018 Bro Workshop☆14Jun 4, 2025Updated 9 months ago
- Exploit insecure crossdomain.xml files.☆26Apr 25, 2017Updated 8 years ago
- ☆12May 9, 2017Updated 8 years ago
- ☆13Nov 3, 2023Updated 2 years ago
- Some talks about security☆12Nov 20, 2020Updated 5 years ago
- Shodanwave - Netwave IP Camera☆18Nov 18, 2017Updated 8 years ago
- Try harder to bypass that WAF...☆14Jan 4, 2015Updated 11 years ago
- Convert Wigle.net result from json to Kml☆15Dec 4, 2020Updated 5 years ago
- CVE-2019-16113 - bludit >= 3.9.2 RCE authenticate☆13Jun 5, 2020Updated 5 years ago
- A simple script that automates basic pentester reconaissance starting from nmap scans.☆10Dec 10, 2016Updated 9 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- Broken web app intentionally built with pentesting obstacles☆15Jun 21, 2019Updated 6 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆23Feb 21, 2017Updated 9 years ago