timing-attack-recon
OfficialUncover hidden web attack surfaces via timing analysis.
Software Engineering#web-security#ssrf#timing-attack#red-teaming#hidden-parameters#response-time-analysis#header-fuzzing
Authordreadnode
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Traditional web fuzzing often misses hidden backend parameters, internal routing headers, and scoped SSRF vulnerabilities because all responses return uniform bodies, but server-side processing delays reveal these invisible attack surfaces.
Core Features & Use Cases
- Hidden Parameter Discovery: Identifies unexposed backend parameters that trigger server-side logic (like database queries or debug modes) without altering response content.
- Header Abuse Detection: Finds headers such as X-Forwarded-For that modify proxy routing or access control, enabling bypasses of IP-based restrictions.
- Scoped SSRF Enumeration: Detects proxy endpoints that route to internal services by comparing response times for external domains versus internal IPs and subdomains.
- Use Case: A red teamer testing a public API that returns 200 OK for all inputs can use this skill to find hidden admin endpoints or internal SSRF vectors that manual testing and body-based fuzzing would miss.
Quick Start
Use the timing-attack-recon skill to discover hidden parameters and scoped SSRF vectors on the target web application at https://target.com.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: timing-attack-recon Download link: https://github.com/dreadnode/capabilities/archive/main.zip#timing-attack-recon Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.