SSRFmap

✨ deeznutz

✨ deeznutz

✨ Master ✨
Staff member
Joined
May 15, 2017
Messages
981
Likes
760
Points
1,045
SSRF are often used to leverage actions on other services, this framework aims to find and exploit these services easily.

SSRFmap takes a Burp request file as input and a parameter to fuzz.

Server Side Request Forgery or SSRF is a vulnerability in which an attacker forces a server to perform requests on their behalf.
Guide / RTFM
Basic install from the Github repository.

Code:
git clone https://github.com/swisskyrepo/SSRFmap cd SSRFmap/ python3 ssrfmap.py usage: ssrfmap.py [-h] [-r REQFILE] [-p PARAM] [-m MODULES] [--lhost LHOST] [--lport LPORT] [--level LEVEL] optional arguments: -h, --help show this help message and exit -r REQFILE SSRF Request file -p PARAM SSRF Parameter to target -m MODULES SSRF Modules to enable -l HANDLER Start an handler for a reverse shell --lhost LHOST LHOST reverse shell --lport LPORT LPORT reverse shell --level [LEVEL] Level of test to perform (1-5, default: 1)
Click to expand...
Download SSRFmap
 
You must log in or register to reply here.
Top Bottom