exploiting-server-side-request-forgery

Official

Automate SSRF testing and exploitation in authorized penetration tests.

Authorbalsm-health
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill automates the identification and exploitation of Server-Side Request Forgery (SSRF) vulnerabilities in authorized penetration tests, saving time and effort in security assessments.

Core Features & Use Cases

  • Automated SSRF Identification: Scans applications for SSRF vulnerabilities and provides detailed reports.
  • Cloud Metadata Access: Exploits SSRF to access cloud metadata services for credentials and configuration information.
  • Internal Network Scanning: Discovers internal services and ports via SSRF.
  • Filter Bypassing: Includes techniques to bypass SSRF filters and allowlists.
  • Blind SSRF Detection: Identifies SSRF where the response is not returned to the attacker.
  • Use Case: A penetration tester can use this Skill to automate the discovery of SSRF vulnerabilities in a web application during a security audit.

Quick Start

Use the ssrf skill to scan for SSRF vulnerabilities in the web application at 'https://target.example.com'.

Dependency Matrix

Required Modules

requestsSSRFmapinteractsh

Components

scriptsreferences

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: exploiting-server-side-request-forgery
Download link: https://github.com/balsm-health/Balsm-AI/archive/main.zip#exploiting-server-side-request-forgery

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.