exploiting-server-side-request-forgery
OfficialAutomate SSRF testing and exploitation in authorized penetration tests.
#penetration testing#web security#vulnerability testing#cloud security#ssrf#internal network scanning
Authorbalsm-health
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill automates the identification and exploitation of Server-Side Request Forgery (SSRF) vulnerabilities in authorized penetration tests, saving time and effort in security assessments.
Core Features & Use Cases
- Automated SSRF Identification: Scans applications for SSRF vulnerabilities and provides detailed reports.
- Cloud Metadata Access: Exploits SSRF to access cloud metadata services for credentials and configuration information.
- Internal Network Scanning: Discovers internal services and ports via SSRF.
- Filter Bypassing: Includes techniques to bypass SSRF filters and allowlists.
- Blind SSRF Detection: Identifies SSRF where the response is not returned to the attacker.
- Use Case: A penetration tester can use this Skill to automate the discovery of SSRF vulnerabilities in a web application during a security audit.
Quick Start
Use the ssrf skill to scan for SSRF vulnerabilities in the web application at 'https://target.example.com'.
Dependency Matrix
Required Modules
requestsSSRFmapinteractsh
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: exploiting-server-side-request-forgery Download link: https://github.com/balsm-health/Balsm-AI/archive/main.zip#exploiting-server-side-request-forgery Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.