Alternatives and similar repositories for SSRF-Testing

Users that are interested in SSRF-Testing are comparing it to the libraries listed below

• dwisiswant0 / wadl-dumper
  Dump all available paths and/or endpoints on WADL file.
  ☆95Updated last month
• h1pmnh / h1privdisc
  Utility to pull disclosed vulnerabilities from HackerOne private programs - for personal use only
  ☆13Updated 4 years ago
• lc / DOD-Recon
  Recon for Department of Defense HackerOne program
  ☆46Updated 7 years ago
• emadshanab / Scan-Apple-ASN-for-vulnerabilities-and-leave-no-port
  ☆44Updated 4 years ago
• gwen001 / dnspy
  Find subdomains and takeovers.
  ☆86Updated 2 years ago
• random-robbie / ssrf-finder
  Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
  ☆110Updated 3 years ago
• dwisiswant0 / bounty-targets-alert
  It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
  ☆59Updated 3 years ago
• devanshbatham / awesome-bughunting-oneliners
  A list of Awesome Bughunting oneliners , collected from the various sources
  ☆69Updated 2 years ago
• honoki / tools
  A collection of simple tools and poc-builders
  ☆39Updated 2 months ago
• defparam / h1stats
  a tool that compiles a csv of all h1 program stats
  ☆47Updated 2 years ago
• zeroc00I / ReconNotes
  Just some public notes that can be useful and i want let the world knows.
  ☆88Updated 4 years ago
• buggysolid / bugbounty-wordlist
  Real world bug bounty wordlists
  ☆117Updated 2 years ago
• bp0lr / dmut
  A tool to perform permutations, mutations and alteration of subdomains in golang.
  ☆158Updated last year
• PatrikFehrenbach / amass-tools
  ☆108Updated 4 years ago
• BugBountyResources / targets
  A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…
  ☆99Updated 4 years ago
• chbrown / unmap
  Unpack a JavaScript Source Map back into filesystem structure
  ☆184Updated 5 years ago
• Leoid / MatchandReplace
  Match and Replace script used to automatically generate JSON option file to BurpSuite
  ☆215Updated 6 years ago
• jthack / ffuf_presentation
  ☆16Updated 3 years ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Updated 3 years ago
• gwen001 / bugbountytips
  Webapp to search tips on Twitter through #bugbountytips
  ☆72Updated 2 years ago
• tehryanx / sprawl
  Expand urls into one url for each path depth
  ☆33Updated 5 years ago
• Dheerajmadhukar / Lilly
  Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…
  ☆179Updated 4 years ago
• th3hack3rwiz / Lazy-FuzzZ
  Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …
  ☆52Updated 4 years ago
• eternyle / ShodanIsh
  Shodan Favicon Hash Generator By Aziz Hakim @eternyle
  ☆26Updated last year
• kosmosec / proto-find
  Let's check if your target is vulnerable for client side prototype pollution.
  ☆66Updated last year
• JavierOlmedo / UltimateCMSWordlists
  📚 An ultimate collection wordlists of the best-known CMS
  ☆91Updated last year
• ameenmaali / endpointdiff
  Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.
  ☆41Updated 5 years ago
• michael1026 / inscope
  ☆18Updated 4 years ago
• honoki / wilson-cloud-respwnder
  WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…
  ☆50Updated last year
• R0X4R / ssrf-tool
  An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.
  ☆45Updated 4 years ago