SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities
☆185Mar 2, 2021Updated 5 years ago
Alternatives and similar repositories for ssrfuzz
Users that are interested in ssrfuzz are comparing it to the libraries listed below
Sorting:
- ☆145Jul 25, 2022Updated 3 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆615Jan 20, 2021Updated 5 years ago
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it☆453Jan 9, 2024Updated 2 years ago
- A fuzzer made in golang for finding issues like xss, lfi, rce, ssti...that detects issues using change in content length and verify it us…☆62Oct 25, 2020Updated 5 years ago
- automated web assets enumeration & scanning [DEPRECATED]☆288Mar 7, 2023Updated 2 years ago
- An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability☆469Sep 16, 2023Updated 2 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆802Jul 4, 2023Updated 2 years ago
- CRLFMap is a tool to find HTTP Splitting vulnerabilities☆32Oct 11, 2020Updated 5 years ago
- Endpoint monitor tool☆21Sep 16, 2020Updated 5 years ago
- ☆59Apr 8, 2021Updated 4 years ago
- Gotator is a tool to generate DNS wordlists through permutations.☆506Jul 17, 2022Updated 3 years ago
- BurpBounty 魔改版本☆418Mar 21, 2022Updated 3 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- A tool to test working urls.☆43Nov 17, 2020Updated 5 years ago
- A collection of famous recon public scripts, but in bash <3☆29Mar 2, 2021Updated 5 years ago
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆27Jul 22, 2021Updated 4 years ago
- Burp Suite extension for parsing Swagger web service definition files☆19Jul 15, 2025Updated 7 months ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.☆394May 28, 2025Updated 9 months ago
- Bash script to extract data from the Waybackmachine☆11Mar 15, 2021Updated 4 years ago
- 基于burpsuite的资产分析工具☆475Apr 29, 2023Updated 2 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆45Feb 10, 2021Updated 5 years ago
- XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|ID…☆350Jun 17, 2023Updated 2 years ago
- ☆45Jun 5, 2021Updated 4 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- 完善的动态备份文件扫描工具 实现动态字典渲染、动态结果判断、自动字典记录、的敏感文件扫描器☆27May 21, 2025Updated 9 months ago
- A python tool to check subdomain takeover vulnerability☆342Jan 6, 2023Updated 3 years ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆970Dec 8, 2021Updated 4 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path☆107Aug 4, 2020Updated 5 years ago
- Automatic SSRF fuzzer and exploitation tool☆3,489Sep 4, 2025Updated 6 months ago
- Just some public notes that can be useful and i want let the world knows.☆88Oct 18, 2020Updated 5 years ago
- Prototype Pollution Scanner☆139Apr 11, 2021Updated 4 years ago
- Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.☆134Jul 11, 2021Updated 4 years ago
- Burp插件,自动化挖掘SSRF,Redirect,Sqli漏洞,自定义匹配参数☆461Sep 10, 2023Updated 2 years ago
- A Payload Injector for bugbounties written in go☆70Jul 18, 2020Updated 5 years ago
- A fast tool to scan CRLF vulnerability written in Go☆1,520Feb 23, 2026Updated last week
- This tool generates gopher link for exploiting SSRF and gaining RCE in various servers☆3,302Apr 18, 2023Updated 2 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆112Feb 14, 2022Updated 4 years ago
- ssshh its a secret ;)☆21Mar 7, 2022Updated 3 years ago