ssrfuzz
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities
Details
Category: Vulnerabilities
Publisher: trickest-mhmdiaa
Created Date: 2/5/2022
Container: quay.io/trickest/ssrfuzz:34f0e89
Source URL: https://github.com/ryandamour/ssrfuzz
Parameters
delay
string
Command:
--delay - The time each threads waits between requests in milliseconds (default 100)cookie
string
Command:
--cookie - Cookie to use for requeststhreads
string
Command:
--threads - Number of threads to run ssrfuzz on (default 50)timeout
string
Command:
--timeout - The amount of time needed to close a connection that could be hung (default 10)verbose
string
Command:
--verbose - Verbose outputcrlf-path
string
Command:
--crlf-path - Add CRLF payloads to all available paths (ie: site.com/%0Atest.php)skip-crlf
boolean
Command:
--skip-crlf - Skip CRLF fuzzinghttp-method
string
Command:
--http-method - HTTP Method - GET or POST (default GET)skip-scheme
boolean
Command:
--skip-scheme - Skip scheme fuzzingskip-network
boolean
Command:
--skip-network - Skip network fuzzingslack-webhook
string
Command:
--slack-webhook - Slack webhook to send findings to a channeltarget-domains
file
requiredCommand:
--domains - Location of domains with PARAMETERS to scancustom-user-agent
string
Command:
--user-agent - User agent for requests (default Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36)