Alternatives and similar repositories for SSRF-Testing

Users that are interested in SSRF-Testing are comparing it to the libraries listed below

• dwisiswant0 / wadl-dumper
  Dump all available paths and/or endpoints on WADL file.
  ☆94Updated 2 weeks ago
• random-robbie / ssrf-finder
  Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
  ☆110Updated 3 years ago
• bp0lr / dmut
  A tool to perform permutations, mutations and alteration of subdomains in golang.
  ☆158Updated last year
• zeroc00I / ReconNotes
  Just some public notes that can be useful and i want let the world knows.
  ☆88Updated 4 years ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Updated 3 years ago
• PatrikFehrenbach / amass-tools
  ☆108Updated 4 years ago
• michael1026 / inscope
  ☆18Updated 4 years ago
• ptswarm / ptswarm-twitter
  ☆76Updated 4 years ago
• gwen001 / dnspy
  Find subdomains and takeovers.
  ☆86Updated 2 years ago
• buggysolid / bugbounty-wordlist
  Real world bug bounty wordlists
  ☆118Updated 2 years ago
• devanshbatham / awesome-bughunting-oneliners
  A list of Awesome Bughunting oneliners , collected from the various sources
  ☆69Updated 2 years ago
• emadshanab / Scan-Apple-ASN-for-vulnerabilities-and-leave-no-port
  ☆44Updated 4 years ago
• dwisiswant0 / bounty-targets-alert
  It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
  ☆59Updated 3 years ago
• elfarsaouiomar / monitor-new-subdomain
  MNS is a security and reconnaissance tool for monitoring new subdomains
  ☆69Updated last month
• assetnote / h2csmuggler
  ☆75Updated last year
• h1pmnh / h1privdisc
  Utility to pull disclosed vulnerabilities from HackerOne private programs - for personal use only
  ☆13Updated 4 years ago
• yesnet0 / bounty
  Misc bounty and vulndisc things
  ☆86Updated 4 years ago
• jthack / ffuf_presentation
  ☆16Updated 3 years ago
• smiegles / extract-relative-url-heapsnapshot
  Extract relative urls from a heap snapshot
  ☆87Updated 4 years ago
• Dheerajmadhukar / Lilly
  Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…
  ☆179Updated 4 years ago
• Leoid / MatchandReplace
  Match and Replace script used to automatically generate JSON option file to BurpSuite
  ☆215Updated 6 years ago
• ko2sec / apkizer
  apkizer is a mass downloader for android applications for all available versions.
  ☆47Updated 4 years ago
• pwn0sec / PwnSSRF
  A Python based scanner to find potential SSRF parameters in a web application.
  ☆70Updated 4 years ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆163Updated 2 years ago
• In3tinct / Taken
  Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.
  ☆93Updated 2 months ago
• junnlikestea / vita
  A tool to find subdomains or domains from passive sources.
  ☆115Updated 4 years ago
• xElkomy / Workflow-Bug-Bounty
  My Tools For Bug Bounty
  ☆67Updated 11 months ago
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆85Updated 4 years ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆131Updated 4 years ago
• sw33tLie / bcscope
  Get the scope of your bugcrowd programs
  ☆67Updated 4 years ago