ssrf-scanner

Community

Find SSRF flaws before attackers do

Authorrickyananda
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps security testers and developers identify server-side request forgery weaknesses before they can be used to reach internal services, cloud metadata endpoints, or other unintended targets.

Core Features & Use Cases

  • Comprehensive SSRF Testing: Exercises local IP variations, cloud metadata endpoints, protocol handlers, encoded payloads, parameter injection points, port probes, DNS rebinding, CRLF injection, scheme confusion, and external callback checks.
  • Verification and Reporting: Uses baseline response comparison, content and header indicators, and timing analysis to reduce false positives and produce structured reports in multiple formats.
  • Use Case: Run a broad SSRF assessment against a web application, then review the generated findings to prioritize remediation of exploitable request paths and filter bypasses.

Quick Start

Ask the assistant to scan the target URL for SSRF issues and produce a report with the desired output format.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: ssrf-scanner
Download link: https://github.com/rickyananda/hermes-skills/archive/main.zip#ssrf-scanner

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 537,000+ vetted skills library on demand.