A Python based scanner to find potential SSRF parameters in a web application.
☆69Jul 12, 2021Updated 4 years ago
Alternatives and similar repositories for PwnSSRF
Users that are interested in PwnSSRF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Open Redirect Vulnerability scanner (Pwn0sec-Project)☆21Sep 19, 2020Updated 5 years ago
- PwnGIT is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive…☆14Dec 17, 2020Updated 5 years ago
- A script written in python3 to spread blind cross-site scripting payloads on HTTP requests headers☆10Oct 2, 2022Updated 3 years ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆972Dec 8, 2021Updated 4 years ago
- An Android SSL Pinning Remover tool for Security research and Bug Bounty☆43Jun 1, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Talosplus is a fast and robust template based Intelligent automation framework primarily developed for Bug Bounty Automation☆92Mar 7, 2023Updated 3 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆278Feb 11, 2021Updated 5 years ago
- Astra is a tool to find URLs and secrets inside a webpage/files☆211Mar 14, 2023Updated 3 years ago
- My gfPatterns☆15Aug 31, 2021Updated 4 years ago
- R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.☆151Apr 2, 2021Updated 5 years ago
- A shell script for running lightning talks with a cow as a compere.☆15Jun 5, 2020Updated 5 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Sep 22, 2024Updated last year
- ☆21Dec 15, 2020Updated 5 years ago
- This script scrapes the list of open Bug Bounty Programs from openbugbounty.org☆28Mar 22, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Etherpad: real-time collaborative document editor☆10Mar 30, 2020Updated 6 years ago
- whoareyou is a tool to find the underlying technology/software used in a list of websites passed through stdin (using Wappalyzer dataset)☆32Jun 15, 2020Updated 5 years ago
- Unique wordlist generator of unique wordlists.☆41Jul 20, 2023Updated 2 years ago
- XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|ID…☆352Jun 17, 2023Updated 2 years ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…☆62Oct 25, 2020Updated 5 years ago
- A Complete SSRF (Server Side Request Forgery) Scanner.☆40Dec 1, 2025Updated 5 months ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆59Mar 2, 2022Updated 4 years ago
- XSS reflector vulnerabilities exploitation extended.☆28Jul 25, 2021Updated 4 years ago
- Burp extension to generate multi-step CSRF POC.☆30Sep 23, 2019Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Script that download 37+ open source nuclei templates☆45Sep 2, 2022Updated 3 years ago
- Bug Bounty stuffs, payloads, scripts, profiles, tips and tricks, ...☆146Jul 30, 2020Updated 5 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆340Aug 23, 2019Updated 6 years ago
- Spring4Shell Burp Scanner☆73Apr 3, 2022Updated 4 years ago
- Type safe way defining configurations fed by environment variables, process arguments or json config files (including deserialization an…☆14Jun 13, 2018Updated 7 years ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆276Sep 25, 2023Updated 2 years ago
- A Python-based automation tool for interacting with the Burp Suite API to run scans and retrieve vulnerability data programmatically.☆10Oct 3, 2022Updated 3 years ago
- ☆15Mar 21, 2025Updated last year
- Vulnerability Cheatsheet☆54Apr 22, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Command line tool for testing CRLF injection on a list of domains.☆163Apr 14, 2024Updated 2 years ago
- Droz_scan is a automated script, that runs all the queries of drozer in a single run☆26May 15, 2023Updated 3 years ago
- It grep subdomains, email/username, build custom wordlist etc from gau results☆50Nov 4, 2022Updated 3 years ago
- 0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover☆57Dec 15, 2020Updated 5 years ago
- Match and Replace script used to automatically generate JSON option file to BurpSuite☆215May 13, 2019Updated 7 years ago
- FETB : Take URL of File For Analysis using File + ExifTool + Binwalk Commands☆20Feb 2, 2021Updated 5 years ago
- Filter URLs to save your time.☆60Jul 29, 2022Updated 3 years ago