Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
☆112Feb 14, 2022Updated 4 years ago
Alternatives and similar repositories for ssrf-finder
Users that are interested in ssrf-finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files☆12Jun 8, 2020Updated 5 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.☆11Dec 14, 2025Updated 4 months ago
- ☆57Sep 2, 2020Updated 5 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆277Feb 11, 2021Updated 5 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆59Mar 2, 2022Updated 4 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Bug Bounty Dork☆72Feb 14, 2022Updated 4 years ago
- Kubernetes Scanner☆40Feb 14, 2022Updated 4 years ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…☆62Oct 25, 2020Updated 5 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Mar 13, 2023Updated 3 years ago
- SSRF testing tool☆246Dec 8, 2022Updated 3 years ago
- Endpoint monitor tool☆21Sep 16, 2020Updated 5 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago
- CRLF and open redirect fuzzer☆112Aug 31, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Command line tool for testing CRLF injection on a list of domains.☆163Apr 14, 2024Updated 2 years ago
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- unicode abnormalizer to takes a unicode string and abnormalizes it by character replacment☆26Jun 27, 2020Updated 5 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆175Nov 11, 2020Updated 5 years ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,418Sep 13, 2024Updated last year
- Host Header Injection Checker☆84Mar 2, 2022Updated 4 years ago
- This script scrapes the list of open Bug Bounty Programs from openbugbounty.org☆28Mar 22, 2022Updated 4 years ago
- differer finds how URLs are parsed by different languages in order to help bug hunters break filters☆63May 3, 2020Updated 5 years ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆973Dec 8, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Security tool to find potential vulnerable Server Side Request Forgery (SSRF) parameters.☆360Feb 13, 2026Updated 2 months ago
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆223Jul 10, 2020Updated 5 years ago
- You can read the writeup on this script here☆272Jul 12, 2020Updated 5 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Dec 27, 2019Updated 6 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated 2 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆92Jul 9, 2025Updated 9 months ago
- Passively check for XSS character encodings☆18Mar 9, 2026Updated last month
- ☆31Apr 6, 2021Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆107Aug 4, 2020Updated 5 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆337Aug 23, 2019Updated 6 years ago
- Blind XSS SVG☆10Mar 27, 2023Updated 3 years ago
- Wordlist to bruteforce for LFI☆128Oct 6, 2019Updated 6 years ago
- A tool which scrapes public github repositories for common naming conventions in variables, folders and files☆297Jun 3, 2024Updated last year
- Clientside vulnerability / reflected xss fuzzer☆149Jul 29, 2023Updated 2 years ago
- parse ffuf & map endpoints to wordlists☆21Feb 25, 2021Updated 5 years ago