GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → dreadlocked → Ssrfmap

dreadlocked / Ssrfmap

Simple Server Side Request Forgery services enumeration tool.

Programming Languages

ruby
36898 projects - #4 most used programming language

Labels

pentestingmapenumerationbug-bounty

Projects that are alternatives of or similar to Ssrfmap

Dirsearch
Web path scanner
Stars: ✭ 7,246 (+14392%)
Mutual labels:  pentesting, bug-bounty, enumeration
Php Enum
Simple and fast implementation of enumerations with native PHP
Stars: ✭ 446 (+792%)
Mutual labels:  enumeration, map
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+664%)
Mutual labels:  pentesting, enumeration
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+918%)
Mutual labels:  pentesting, bug-bounty
Offensive Docker
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+556%)
Mutual labels:  pentesting, bug-bounty
Black Hat Rust
Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (+562%)
Mutual labels:  pentesting, bug-bounty
Dostoevsky Pentest Notes
Notes for taking the OSCP in 2097. Read in book form on GitBook
Stars: ✭ 495 (+890%)
Mutual labels:  pentesting, enumeration
Dumpall
一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (+400%)
Mutual labels:  pentesting, bug-bounty
Sn0int
Semi-automatic OSINT framework and package manager
Stars: ✭ 814 (+1528%)
Mutual labels:  pentesting, bug-bounty
Subover
A Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+1114%)
Mutual labels:  pentesting, bug-bounty
Injuredandroid
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (+534%)
Mutual labels:  pentesting, bug-bounty
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+1640%)
Mutual labels:  pentesting, enumeration
Vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+438%)
Mutual labels:  pentesting, bug-bounty
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+640%)
Mutual labels:  pentesting, enumeration
Webanalyze
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
Stars: ✭ 311 (+522%)
Mutual labels:  pentesting, enumeration
Nullinux
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+802%)
Mutual labels:  pentesting, enumeration
roboxtractor
Extract endpoints marked as disallow in robots files to generate wordlists.
Stars: ✭ 40 (-20%)
Mutual labels:  enumeration, bug-bounty
sub404
A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+310%)
Mutual labels:  bug-bounty, pentesting
Bugcrowd Levelup Subdomain Enumeration
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+926%)
Mutual labels:  pentesting, enumeration
Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (+1618%)
Mutual labels:  pentesting, enumeration
View All Similar Projects ➔

SSRFmap

A simple service scanner for Server Side Request Forgery vulnerabilities.

Installation

bundle install

Options

-u, --url URL                    [Required] Vulnerable URL
-r, --range TARGET RANGE         [Optional] Target IP range to scan by CIDR (default: 127.0.0.1/32
-t, --target TARGET URL          [Optional] Target URL address or hostname
-d, --data POST_PARAMETERS       [Optional] POST parameters quoted: 'param1=a&param2=b'
-m, --method METHOD              [Optional] HTTP Verb to use, default is GET
    --regex REGEX                [Optional] String to identify false results (in case target always returns 200 OK)
-l, --length LENGTH              [Optional] Response length to identify false results (in case target always returns 200 OK)
-T, --threads LEVEL              [Optional] Aggressivity level [1,2,3,4,5], more aggressive means more requests per second. (default: 3)
-p, --port PORT                  [Optional] Scans for one port
-A, --all                        [Optional] Scan all ports (only in scan mode)
    --base64                     [Optional] Encode payload in base64
-h, --help                       Prints this help

Usage examples

Request a single resource via GET request

ruby ssrfmap.rb --url http://www.example.com/controller?url=_SSRF_ --target http://169.254.169.254/

Request a single resource via POST request

ruby ssrfmap.rb --url http://www.example.com/controller --data "url=_SSRF_" --target http://169.254.169.254/

Default range scan on 127.0.0.1/32 via GET requests

ruby ssrfmap.rb --url http://www.example.com/controller?url=_SSRF_

Range scan on 192.168.0.0/24 via GET requests

ruby ssrfmap.rb --url http://www.example.com/controller?url=_SSRF_ --range 192.168.0.0/24

Specify a regex for those website who always return 200 OK

ruby ssrfmap.rb --url http://www.example.com --data "{\"url\":\"_SSRF_\"}" --regex "Example Domain"

Dependencies

Gem Version
typhoeus *
netaddr 1.5.1
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].