GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → junnlikestea → bulkssrf

junnlikestea / bulkssrf

Licence: Unlicense license
Tests for SSRF by injecting a specified location into different headers. This is a Rust port of m4ll0k's tool.

Programming Languages

rust
11053 projects

Labels

asynctokio-rsssrfbugbounty-tool

Projects that are alternatives of or similar to bulkssrf

Priest
Extract server and IP address information from Browser SSRF
Stars: ✭ 13 (-62.86%)
Mutual labels:  ssrf, bugbounty-tool
rmp-rpc
a msgpack-rpc rust library based on tokio
Stars: ✭ 45 (+28.57%)
Mutual labels:  tokio-rs
Ssrf Testing
SSRF (Server Side Request Forgery) testing resources
Stars: ✭ 1,718 (+4808.57%)
Mutual labels:  ssrf
exprolog
ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)
Stars: ✭ 131 (+274.29%)
Mutual labels:  ssrf
mux-stream
(De)multiplex asynchronous streams
Stars: ✭ 34 (-2.86%)
Mutual labels:  tokio-rs
VPS-Bug-Bounty-Tools
Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Stars: ✭ 44 (+25.71%)
Mutual labels:  bugbounty-tool
Resources For Beginner Bug Bounty Hunters
A list of resources for those interested in getting started in bug bounties
Stars: ✭ 7,185 (+20428.57%)
Mutual labels:  ssrf
risso
A comment server written in Rust
Stars: ✭ 16 (-54.29%)
Mutual labels:  tokio-rs
HostPanic
Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-34.29%)
Mutual labels:  bugbounty-tool
mio-aio
POSIX AIO bindings for mio
Stars: ✭ 18 (-48.57%)
Mutual labels:  tokio-rs
Blind-SSRF
Nuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+217.14%)
Mutual labels:  ssrf
tokio-linux-aio
Support for Linux kernel aio within Tokio.
Stars: ✭ 49 (+40%)
Mutual labels:  tokio-rs
magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+1265.71%)
Mutual labels:  bugbounty-tool
rodbus
Rust implementation of Modbus with idiomatic bindings for C, C++, .NET, and Java
Stars: ✭ 34 (-2.86%)
Mutual labels:  tokio-rs
ssrf-vuls
国光的手把手带你用 SSRF 打穿内网靶场源码
Stars: ✭ 235 (+571.43%)
Mutual labels:  ssrf
proxylogscan
A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).
Stars: ✭ 145 (+314.29%)
Mutual labels:  ssrf
CVE-2020-36179
CVE-2020-36179~82 Jackson-databind SSRF&RCE
Stars: ✭ 77 (+120%)
Mutual labels:  ssrf
Virtual-Host
Modified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (+8.57%)
Mutual labels:  ssrf
AttackSurfaceManagement
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (+28.57%)
Mutual labels:  bugbounty-tool
ssrf filter
A ruby gem for defending against Server Side Request Forgery (SSRF) attacks
Stars: ✭ 68 (+94.29%)
Mutual labels:  ssrf
View All Similar Projects ➔

BulkSSRF (bssrf)

release Build status

This is a Rust port of m4ll0k ssrf.py script.

Installation

Precompiled binaries for bssrf are available in the releases tab. Just pick your platform and extract the archive that contains the binary.

Building it yourself

If you want to build it yourself you will need to install Rust, you can get the official installation from the Rust website.

To build BulkSSRF:

$ git clone https://github.com/junnlikestea/bulkssrf
$ cd bulkssrf
$ cargo build --release
$ ./target/release/bssrf --version

Usage

With a list of urls in a file:

bssrf -f path/to/file.txt -l xyzburpcollaborator.com

Using a tool like gau to feed bssrf urls:

gau hackerone.com | bssrf -l xyzburpcollaborator.com

By default the program has timeout set to 5 seconds, but you can alter that with the -t flag, you can also add various debugging info with the -v for verbose flag:

gau hackerone.com | bssrf -v -t 10 -l xyzburpcollaborator.com

If you want to feed the traffic through an http proxy you can use the -p or -replay-proxy flag.

gau hackerone.com | bssrf -l xyzburpcollaborator.com -p http://127.0.0.1:8080

Common error

BulkSSRF uses async concurrent http requests under the hood. If you encounter an error similar to "Too many open files" it means that there isn't enough available file descriptors on your system. You can fix this by increasing the limits available. There are lots of different guides available to increase the limits, but here is one for linux. I actually ran into this problem while writing the code.

Disclaimer

Developers have/has no responsibility or authority over any kind of:

  • Legal or Law infringement by third parties and users.
  • Malicious use capable of causing damage to third parties.
  • Illegal or unlawful use of bulkssrf.

Thanks to 0xatul for the feedback!

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].