ssrf-ip-filter-bypass
OfficialBypass SSRF IP filters with address encoding.
Software Engineering#web-security#penetration-testing#ssrf#security-testing#cloud-metadata#ip-filter-bypass#address-encoding
Authordreadnode
Version1.0.0
Installs0
System Documentation
What problem does it solve?
SSRF endpoints with string-based IP validation block access to internal services and cloud metadata IPs (like 169.254.169.254 and 127.0.0.1) during authorized security testing, preventing testers from validating the full scope of SSRF vulnerabilities.
Core Features & Use Cases
- IP Encoding Variants: Provides all valid text representations (hex, octal, decimal, IPv6) for blocked IP addresses to bypass naive string/regex filters.
- URL Parsing Bypasses: Includes techniques like userinfo confusion, backslash path tricks, and scheme obfuscation to bypass filters that validate URL structure instead of resolved IPs.
- Use Case: Security testers use this skill to validate SSRF filter effectiveness by attempting to access cloud instance metadata and internal services that are blocked by basic string-based IP checks.
Quick Start
Use this skill to test an SSRF endpoint's IP filter by sending requests with hex-encoded AWS metadata IP addresses to attempt access to the cloud instance metadata service.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: ssrf-ip-filter-bypass Download link: https://github.com/dreadnode/capabilities/archive/main.zip#ssrf-ip-filter-bypass Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.