An automated SSRF finder. Just give the domain name and your server and chill! ;) It also has options to find XSS and open redirects.
Syntax
./ssrfire.sh -d domain.com -s yourserver.com -f custom_file.txt -c cookies
domain.com ---> The domain for which you want to test
yourserver.com ---> Your server which detects SSRF. Eg. Burp collaborator
custom_file.txt ---> Optional argument. You give your own custom URLs instead of using gau
cookies ---> Optional argument. To send requests as an authenticated user
If you don't have burpsuite professional, you can use interact sh by the awesome projectdiscovery team as your server.
Requirements
Since this uses GAU, FFUF, qsreplace and OpenRedirex, you need GO and python 3.7+. You need not have the tools installed, as the script setup.sh will install everything. You just need to install python and GO. Even if you have the tools installed I would highly recommend you to install them again so that there no conflicts while setting the paths.
If you don't want to install the tools again, paste this code in your .profile in your home directory and source .profile them. Also, you have to make a small change in the ssrfire.sh....
Author
- BlogMay 2, 2022Lupo - Malware IOC Extractor and Debugging module for Malware Analysis Automation
- BlogMay 2, 2022DDexec - a technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process
- BlogApril 28, 2022ADReaper - A fast enumeration tool for Windows Active Directory Pentesting written in Go
- BlogApril 27, 2022Shhhloader - SysWhispers Shellcode Loader