SSRFire – an automated SSRF finder

An automated SSRF finder. Just give the domain name and your server and chill! 😉 It also has options to find XSS and open redirects.

SSRFIRE —> The domain for which you want to test —> Your server which detects SSRF. Eg. Burp collaborator

custom_file.txt —> Optional argument. You give your own custom URLs instead of using gau

cookies —> Optional argument. To send requests as an authenticated user

If you don’t have burpsuite professional, you can use interact sh by the awesome projectdiscovery team as your server.

ffuf –

qspreplace –

OpenRedireX –

Thanks to all the authors of the tools.

Original repository:

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button