Alternatives and similar repositories for SSRF-Testing

Users that are interested in SSRF-Testing are comparing it to the libraries listed below

• zeroc00I / ReconNotes
  Just some public notes that can be useful and i want let the world knows.
  ☆88Updated 5 years ago
• h1pmnh / h1privdisc
  Utility to pull disclosed vulnerabilities from HackerOne private programs - for personal use only
  ☆13Updated 4 years ago
• Leoid / MatchandReplace
  Match and Replace script used to automatically generate JSON option file to BurpSuite
  ☆214Updated 6 years ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Updated 3 years ago
• buggysolid / bugbounty-wordlist
  Real world bug bounty wordlists
  ☆116Updated 2 years ago
• emadshanab / Scan-Apple-ASN-for-vulnerabilities-and-leave-no-port
  ☆44Updated 4 years ago
• dwisiswant0 / wadl-dumper
  Dump all available paths and/or endpoints on WADL file.
  ☆96Updated last week
• chbrown / unmap
  Unpack a JavaScript Source Map back into filesystem structure
  ☆185Updated 5 years ago
• robre / gf-patterns
  A repository of some useful grep patterns for tomnomnoms gf tool
  ☆38Updated 5 years ago
• devanshbatham / awesome-bughunting-oneliners
  A list of Awesome Bughunting oneliners , collected from the various sources
  ☆69Updated 2 years ago
• smiegles / extract-relative-url-heapsnapshot
  Extract relative urls from a heap snapshot
  ☆87Updated 4 years ago
• honoki / wilson-cloud-respwnder
  WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…
  ☆50Updated last year
• sw33tLie / bcscope
  Get the scope of your bugcrowd programs
  ☆67Updated 4 years ago
• Dheerajmadhukar / Lilly
  Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…
  ☆183Updated 4 years ago
• gwen001 / dnspy
  Find subdomains and takeovers.
  ☆86Updated 2 years ago
• michael1026 / inscope
  ☆18Updated 4 years ago
• defparam / h1passets
  List HackerOne private program assets
  ☆154Updated 4 years ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆133Updated 4 years ago
• random-robbie / ssrf-finder
  Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
  ☆110Updated 3 years ago
• random-robbie / bugbountydork
  Bug Bounty Dork
  ☆73Updated 3 years ago
• bp0lr / dmut
  A tool to perform permutations, mutations and alteration of subdomains in golang.
  ☆157Updated last year
• junnlikestea / vita
  A tool to find subdomains or domains from passive sources.
  ☆113Updated 4 years ago
• defparam / h1stats
  a tool that compiles a csv of all h1 program stats
  ☆47Updated 2 years ago
• PatrikFehrenbach / amass-tools
  ☆108Updated 5 years ago
• dwisiswant0 / bounty-targets-alert
  It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
  ☆59Updated 3 years ago
• pry0cc / subgen
  A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!
  ☆89Updated 5 years ago
• tess-ss / good-tools
  ☆22Updated 3 years ago
• lc / DOD-Recon
  Recon for Department of Defense HackerOne program
  ☆46Updated 7 years ago
• Virdoexhunter / OneLinerBashrcCommands
  ☆19Updated 5 years ago
• jthack / ffuf_presentation
  ☆16Updated 3 years ago