ssrf-scanner
CommunityFind SSRF flaws before attackers do
Software Engineering#web security#pentesting#request analysis#vulnerability scanning#payloads#ssrf#cloud metadata
Authorrickyananda
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps security testers and developers identify server-side request forgery weaknesses before they can be used to reach internal services, cloud metadata endpoints, or other unintended targets.
Core Features & Use Cases
- Comprehensive SSRF Testing: Exercises local IP variations, cloud metadata endpoints, protocol handlers, encoded payloads, parameter injection points, port probes, DNS rebinding, CRLF injection, scheme confusion, and external callback checks.
- Verification and Reporting: Uses baseline response comparison, content and header indicators, and timing analysis to reduce false positives and produce structured reports in multiple formats.
- Use Case: Run a broad SSRF assessment against a web application, then review the generated findings to prioritize remediation of exploitable request paths and filter bypasses.
Quick Start
Ask the assistant to scan the target URL for SSRF issues and produce a report with the desired output format.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: ssrf-scanner Download link: https://github.com/rickyananda/hermes-skills/archive/main.zip#ssrf-scanner Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 537,000+ vetted skills library on demand.