Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
☆112Feb 14, 2022Updated 4 years ago
Alternatives and similar repositories for ssrf-finder
Users that are interested in ssrf-finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files☆12Jun 8, 2020Updated 5 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.☆11Dec 14, 2025Updated 3 months ago
- ☆57Sep 2, 2020Updated 5 years ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆58Mar 2, 2022Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Bug Bounty Dork☆72Feb 14, 2022Updated 4 years ago
- Kubernetes Scanner☆40Feb 14, 2022Updated 4 years ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…☆62Oct 25, 2020Updated 5 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Mar 13, 2023Updated 3 years ago
- SSRF testing tool☆246Dec 8, 2022Updated 3 years ago
- Endpoint monitor tool☆21Sep 16, 2020Updated 5 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago
- CRLF and open redirect fuzzer☆112Aug 31, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Command line tool for testing CRLF injection on a list of domains.☆163Apr 14, 2024Updated last year
- Secret and/or credential patterns used for gf.☆243Feb 10, 2023Updated 3 years ago
- unicode abnormalizer to takes a unicode string and abnormalizes it by character replacment☆26Jun 27, 2020Updated 5 years ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,412Sep 13, 2024Updated last year
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…☆174Nov 11, 2020Updated 5 years ago
- Host Header Injection Checker☆84Mar 2, 2022Updated 4 years ago
- This script scrapes the list of open Bug Bounty Programs from openbugbounty.org☆28Mar 22, 2022Updated 4 years ago
- differer finds how URLs are parsed by different languages in order to help bug hunters break filters☆63May 3, 2020Updated 5 years ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆972Dec 8, 2021Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Security tool to find potential vulnerable Server Side Request Forgery (SSRF) parameters.☆357Feb 13, 2026Updated last month
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆223Jul 10, 2020Updated 5 years ago
- You can read the writeup on this script here☆274Jul 12, 2020Updated 5 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Dec 27, 2019Updated 6 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated last year
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆93Jul 9, 2025Updated 8 months ago
- Passively check for XSS character encodings☆18Mar 9, 2026Updated 2 weeks ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- ☆32Apr 6, 2021Updated 4 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆107Aug 4, 2020Updated 5 years ago
- Blind XSS SVG☆10Mar 27, 2023Updated 3 years ago
- Wordlist to bruteforce for LFI☆128Oct 6, 2019Updated 6 years ago
- A tool which scrapes public github repositories for common naming conventions in variables, folders and files☆296Jun 3, 2024Updated last year
- Clientside vulnerability / reflected xss fuzzer☆149Jul 29, 2023Updated 2 years ago
- parse ffuf & map endpoints to wordlists☆21Feb 25, 2021Updated 5 years ago