Alternatives and similar repositories for SSRF-Testing

Users that are interested in SSRF-Testing are comparing it to the libraries listed below

• buggysolid / bugbounty-wordlist
  Real world bug bounty wordlists
  ☆117Updated 2 years ago
• Dheerajmadhukar / Lilly
  Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…
  ☆183Updated 4 years ago
• dwisiswant0 / wadl-dumper
  Dump all available paths and/or endpoints on WADL file.
  ☆96Updated 2 weeks ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Updated 3 years ago
• random-robbie / ssrf-finder
  Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
  ☆111Updated 3 years ago
• zeroc00I / ReconNotes
  Just some public notes that can be useful and i want let the world knows.
  ☆88Updated 5 years ago
• gwen001 / dnspy
  Find subdomains and takeovers.
  ☆86Updated 3 years ago
• udit-thakkur / AdvancedKeyHacks
  API Key/Token Exploitation Made easy.
  ☆90Updated 4 years ago
• houssem98 / top-bug-
  ☆30Updated 4 years ago
• Leoid / MatchandReplace
  Match and Replace script used to automatically generate JSON option file to BurpSuite
  ☆214Updated 6 years ago
• Traceableai / 31-days-of-pentesting
  31 Tips for pentesters & security engineers
  ☆86Updated 4 years ago
• devanshbatham / awesome-bughunting-oneliners
  A list of Awesome Bughunting oneliners , collected from the various sources
  ☆69Updated 2 years ago
• alifathi-h1 / gh_scanner
  GH Scanner Tool is written in Python3 and designed for penetration testers and bug bounty hunters to scan Organization/User repositories …
  ☆34Updated 5 months ago
• dwisiswant0 / hinject
  Host Header Injection Checker
  ☆83Updated 3 years ago
• lc / DOD-Recon
  Recon for Department of Defense HackerOne program
  ☆46Updated 7 years ago
• dwisiswant0 / bounty-targets-alert
  It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.
  ☆59Updated 3 years ago
• pwn0sec / PwnSSRF
  A Python based scanner to find potential SSRF parameters in a web application.
  ☆70Updated 4 years ago
• gwen001 / bugbountytips
  Webapp to search tips on Twitter through #bugbountytips
  ☆72Updated 3 years ago
• robre / gf-patterns
  A repository of some useful grep patterns for tomnomnoms gf tool
  ☆38Updated 5 years ago
• elfarsaouiomar / monitor-new-subdomain
  MNS is a security and reconnaissance tool for monitoring new subdomains
  ☆70Updated this week
• arijitdirghangi / Find-Hardcoded
  You can find hardcoded Api-Key,Secret,Token Etc..
  ☆77Updated 3 years ago
• PatrikFehrenbach / amass-tools
  ☆105Updated 5 years ago
• tess-ss / good-tools
  ☆22Updated 3 years ago
• michael1026 / inscope
  ☆18Updated 4 years ago
• Sambal0x / Recon-tools
  Some of my bug bounty tools
  ☆52Updated 6 years ago
• dwisiswant0 / unew
  A tool for append URLs, skipping duplicates/paths & combine parameters.
  ☆125Updated 3 years ago
• junnlikestea / vita
  A tool to find subdomains or domains from passive sources.
  ☆112Updated 4 years ago
• bp0lr / dmut
  A tool to perform permutations, mutations and alteration of subdomains in golang.
  ☆156Updated 2 years ago
• honoki / tools
  A collection of simple tools and poc-builders
  ☆39Updated 4 months ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆132Updated 4 years ago