Alternatives and similar repositories for SSRF-Testing

Users that are interested in SSRF-Testing are comparing it to the libraries listed below

• chbrown / unmap
  Unpack a JavaScript Source Map back into filesystem structure
  ☆185Updated 5 years ago
• random-robbie / ssrf-finder
  Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
  ☆111Updated 3 years ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Updated 3 years ago
• jthack / ffuf_presentation
  ☆16Updated 4 years ago
• h1pmnh / h1privdisc
  Utility to pull disclosed vulnerabilities from HackerOne private programs - for personal use only
  ☆13Updated 4 years ago
• dwisiswant0 / wadl-dumper
  Dump all available paths and/or endpoints on WADL file.
  ☆97Updated 3 weeks ago
• Leoid / MatchandReplace
  Match and Replace script used to automatically generate JSON option file to BurpSuite
  ☆214Updated 6 years ago
• zeroc00I / ReconNotes
  Just some public notes that can be useful and i want let the world knows.
  ☆88Updated 5 years ago
• bp0lr / dmut
  A tool to perform permutations, mutations and alteration of subdomains in golang.
  ☆156Updated 2 years ago
• Dheerajmadhukar / Lilly
  Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…
  ☆184Updated 4 years ago
• buggysolid / bugbounty-wordlist
  Real world bug bounty wordlists
  ☆117Updated 2 years ago
• udit-thakkur / AdvancedKeyHacks
  API Key/Token Exploitation Made easy.
  ☆90Updated 4 years ago
• devanshbatham / awesome-bughunting-oneliners
  A list of Awesome Bughunting oneliners , collected from the various sources
  ☆69Updated 2 years ago
• gwen001 / dnspy
  Find subdomains and takeovers.
  ☆86Updated 3 years ago
• smiegles / extract-relative-url-heapsnapshot
  Extract relative urls from a heap snapshot
  ☆87Updated 4 years ago
• elfarsaouiomar / monitor-new-subdomain
  MNS is a security and reconnaissance tool for monitoring new subdomains
  ☆70Updated this week
• pwn0sec / PwnSSRF
  A Python based scanner to find potential SSRF parameters in a web application.
  ☆70Updated 4 years ago
• michael1026 / inscope
  ☆18Updated 4 years ago
• tarunkant / EndPoint-Finder
  Finds the End-Points in JavaScript files
  ☆97Updated 4 years ago
• defparam / h1passets
  List HackerOne private program assets
  ☆154Updated 4 years ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆132Updated 4 years ago
• vincd / wappylyzer
  Implementation of Wappalyzer in Python
  ☆55Updated 3 years ago
• junnlikestea / vita
  A tool to find subdomains or domains from passive sources.
  ☆112Updated 4 years ago
• emadshanab / Scan-Apple-ASN-for-vulnerabilities-and-leave-no-port
  ☆44Updated 4 years ago
• war-and-code / akamai-arl-hack
  Script to test open Akamai ARL vulnerability.
  ☆70Updated 4 years ago
• honoki / tools
  A collection of simple tools and poc-builders
  ☆39Updated 4 months ago
• rotemreiss / uddup
  Urls de-duplication tool for better recon.
  ☆145Updated 6 months ago
• dwisiswant0 / unew
  A tool for append URLs, skipping duplicates/paths & combine parameters.
  ☆125Updated 3 years ago
• defparam / h1stats
  a tool that compiles a csv of all h1 program stats
  ☆47Updated 2 years ago
• PatrikFehrenbach / amass-tools
  ☆105Updated 5 years ago