Alternatives and similar repositories for ssrf-finder

Users that are interested in ssrf-finder are comparing it to the libraries listed below

• random-robbie / SecretFinder

  View on GitHub
  SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
  ☆12Jun 8, 2020Updated 5 years ago
• random-robbie / angularjs-csti-scanner

  View on GitHub
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
  ☆11Dec 14, 2025Updated 2 months ago
• Damian89 / extended-ssrf-search

  View on GitHub
  Smart ssrf scanner using different methods like parameter brute forcing in post and get...
  ☆280Feb 11, 2021Updated 5 years ago
• ethicalhackingplayground / linkJS

  View on GitHub
  ☆57Sep 2, 2020Updated 5 years ago
• bp0lr / wurl

  View on GitHub
  A tool to test working urls.
  ☆43Nov 17, 2020Updated 5 years ago
• Shivangx01b / BountyIt

  View on GitHub
  A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…
  ☆62Oct 25, 2020Updated 5 years ago
• dwisiswant0 / gf-secrets

  View on GitHub
  Secret and/or credential patterns used for gf.
  ☆243Feb 10, 2023Updated 3 years ago
• 1ndianl33t / Gf-Patterns

  View on GitHub
  GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
  ☆1,397Sep 13, 2024Updated last year
• random-robbie / bugbountydork

  View on GitHub
  Bug Bounty Dork
  ☆72Feb 14, 2022Updated 4 years ago
• daeken / SSRFTest

  View on GitHub
  SSRF testing tool
  ☆246Dec 8, 2022Updated 3 years ago
• KathanP19 / gaussrf

  View on GitHub
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl and Filter Urls With OpenRedirection or SS…
  ☆173Nov 11, 2020Updated 5 years ago
• Josue87 / roboxtractor

  View on GitHub
  Extract endpoints marked as disallow in robots files to generate wordlists.
  ☆58Mar 2, 2022Updated 3 years ago
• Cgboal / exclude-cdn

  View on GitHub
  Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin
  ☆45Mar 13, 2023Updated 2 years ago
• ethicalhackingplayground / endzy

  View on GitHub
  Endpoint monitor tool
  ☆21Sep 16, 2020Updated 5 years ago
• ethicalhackingplayground / Zin

  View on GitHub
  A Payload Injector for bugbounties written in go
  ☆70Jul 18, 2020Updated 5 years ago
• MichaelStott / CRLF-Injection-Scanner

  View on GitHub
  Command line tool for testing CRLF injection on a list of domains.
  ☆166Apr 14, 2024Updated last year
• sa1tama0 / Blind-XSS-SVG

  View on GitHub
  Blind XSS SVG
  ☆10Mar 27, 2023Updated 2 years ago
• dubs3c / Injectus

  View on GitHub
  CRLF and open redirect fuzzer
  ☆112Aug 31, 2021Updated 4 years ago
• Cillian-Collins / subscraper

  View on GitHub
  Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…
  ☆223Jul 10, 2020Updated 5 years ago
• joefizz / autofindomain

  View on GitHub
  ☆24Jan 26, 2021Updated 5 years ago
• dwisiswant0 / hinject

  View on GitHub
  Host Header Injection Checker
  ☆84Mar 2, 2022Updated 3 years ago
• In3tinct / See-SURF

  View on GitHub
  Security tool (now AI powered 🤖) to find potential vulnerable Server Side Request Forgery (SSRF) parameters.
  ☆354Updated this week
• ksharinarayanan / SSRFire

  View on GitHub
  An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
  ☆971Dec 8, 2021Updated 4 years ago
• thelikes / fuzznav

  View on GitHub
  parse ffuf & map endpoints to wordlists
  ☆21Feb 25, 2021Updated 4 years ago
• JoshMorrison99 / isXSS-Burp

  View on GitHub
  Passively check for XSS character encodings
  ☆18Feb 7, 2026Updated last week
• Droidzzzio / EnumerationList

  View on GitHub
  This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path
  ☆107Aug 4, 2020Updated 5 years ago
• random-robbie / kube-scan

  View on GitHub
  Kubernetes Scanner
  ☆40Feb 14, 2022Updated 4 years ago
• dark-warlord14 / JSScanner

  View on GitHub
  You can read the writeup on this script here
  ☆274Jul 12, 2020Updated 5 years ago
• burgerhalva / All-in-Fuzzer

  View on GitHub
  All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body
  ☆36Dec 13, 2025Updated 2 months ago
• Emoe / OpenBugBounty-Scrapper

  View on GitHub
  This script scrapes the list of open Bug Bounty Programs from openbugbounty.org
  ☆28Mar 22, 2022Updated 3 years ago
• ethicalhackingplayground / Gxss

  View on GitHub
  Tool for checking reflecting Parameters in a URL.
  ☆10Aug 31, 2020Updated 5 years ago
• JesseClarkND / abnormalizer

  View on GitHub
  unicode abnormalizer to takes a unicode string and abnormalizes it by character replacment
  ☆26Jun 27, 2020Updated 5 years ago
• ignis-sec / puff

  View on GitHub
  Clientside vulnerability / reflected xss fuzzer
  ☆149Jul 29, 2023Updated 2 years ago
• BuildHackSecure / gitscraper

  View on GitHub
  A tool which scrapes public github repositories for common naming conventions in variables, folders and files
  ☆296Jun 3, 2024Updated last year
• ghsec / ghsec-jaeles-signatures

  View on GitHub
  Signatures for jaeles scanner by @j3ssie
  ☆117Apr 20, 2024Updated last year
• rockybhai0516 / maha

  View on GitHub
  ☆14Oct 1, 2021Updated 4 years ago
• In3tinct / Taken

  View on GitHub
  Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.
  ☆93Jul 9, 2025Updated 7 months ago
• crawl3r / PortswiggerXSS

  View on GitHub
  gathers the XSS cheatsheet payloads and creates a usable wordlist
  ☆74Jan 4, 2021Updated 5 years ago
• hussein98d / LFI-files

  View on GitHub
  Wordlist to bruteforce for LFI
  ☆128Oct 6, 2019Updated 6 years ago