A SSRF-Tool written in golang
Version 1.0
- Fetch endpoints from Javascript files ✅
- Bruteforce parameters ✅
- Find SSRF in those parameters ✅
- Match multiple patterns in the response ✅
- Check Post Request ❌
- Check Headers ❌
- Wordlist Creation
- Inject in every parameter one by one
- Very fast speed
- Inject into paths
- Silent Mode
- Fetch endpoints from Javascript files
- Bruteforce parameters
- Find SSRF in those parameters
- Match multiple patterns in the response
Make sure when creating wordlists or finding ssrf with my tool that the domains are resolved. You can use:
- httpx
- httprobe
- massdns
To do so.
Also, Make sure to customerise your patterns file for greater results
$ go get -u github.com/ethicalhackingplayground/ssrf-tool
$ subfinder -d yahoo.com -silent | httpx -silent >> domains | ssrf-tool -domains domains -payloads ssrf.txt -silent=false -paths=true -patterns patterns.txt
$ echo "https://www.twitter.com" | getJS -complete | ssrf-tool -gen=true
Can be used with other tools like subfinder & amass
$ echo "https://www.twitter.com" | getJS -complete | ssrf-tool -domains domains -silent=false -brute=true -gen=true -patterns patterns.txt -parameters params.txt
Can be used with other tools like subfinder & amass
$ ssrf-tool -domains domains -silent=false -patterns patterns.txt -paths=true -brute=false -payloads ssrf.txt
Can be used with other tools like subfinder & amass
$ echo "twitter.com" | waybackurls >> domains ; ssrf-tool -domains domains -silent=false -paths=false -payloads ssrf.txt
Can be used with other tools like subfinder & amass
If you get a bounty please support by buying me a coffee