Automatic SSRF fuzzer and exploitation tool
-
Updated
Jun 10, 2024 - Python
Automatic SSRF fuzzer and exploitation tool
SSRF (Server Side Request Forgery) testing resources
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
A ruby gem for defending against Server Side Request Forgery (SSRF) attacks
Proof-of-Concept for Server Side Request Forgery (SSRF) in request-baskets (<= v.1.2.1)
Module to prevent SSRF when sending requests in NodeJS. Blocks request to local and private IP addresses
An ongoing & curated collection of awesome web vulnerability - Server-side request forgery software practices and remediation, libraries and frameworks, best guidelines and technical resources about SSRF
Example exploitable scenarios for CVE-2024-22243 affecting the Spring framework (open redirect & SSRF).
this a ssrf scripts
Server-Side Request Forgery (SSRF) protection plugin for HTTPlug
CloudSSRFer tests SSRF on Amazon AWS cloud to extract sensitive information.
Gopher HTTP requests (POST/GET)
node package to use ssrfproxy.com for protection against server side request forgery
CVE-2019-9849: Remote bullet graphics retrieved in “stealth mode” in LibreOffice
The repository includes various vulnerbilities, their types, identification, exploitation and mitigations along with payloads. Includes: Cross-Site Scripting (XSS) SQL Injection (SQLi) Directory Traversal Command Injection
Spring boot application developed to learn how to use the framework and understand how vulnerabilities are manifested in the application and how to prevent them.
Add a description, image, and links to the server-side-request-forgery topic page so that developers can more easily learn about it.
To associate your repository with the server-side-request-forgery topic, visit your repo's landing page and select "manage topics."