SSRF plugin for Burp that automates SSRF detection in all of the requests

Upcoming Features Checklist

How to Install/Build

Features

It also performs the following tests based on this research:

Reference:

https://portswigger.net/research/cracking-the-lens-targeting-https-hidden-attack-surface

GET http://burpcollab/some/endpoint HTTP/1.1
Host: example.com
...

and

GET @burpcollab/some/endpoint HTTP/1.1
Host: example.com
...

and

GET /some/endpoint HTTP/1.1
Host: example.com:80@burpcollab
...

and

GET /some/endpoint HTTP/1.1
Host: burpcollab
...

and

GET /some/endpoint HTTP/1.1
Host: example.com
X-Forwarded-Host: burpcollab
...
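
A server-side check for the five request shapes listed above, as an added example that is not part of SSRF-King or the original page. `ALLOWED_HOSTS`, the function names and the sample requests are constructed for illustration.

```python
# Added example (not SSRF-King code); ALLOWED_HOSTS and SAMPLES are constructed.
ALLOWED_HOSTS = {"example.com"}

def parse_request(raw):
    # Split a raw HTTP/1.x request head into (method, target, headers).
    lines = raw.replace("\r\n", "\n").split("\n\n", 1)[0].split("\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return method, target, headers

def host_only(value):
    # Drop an optional numeric :port; anything else is returned unchanged.
    host, _, port = value.rpartition(":")
    return (host if host and port.isdigit() else value).lower()

def findings(raw, allowed=ALLOWED_HOSTS):
    # Reasons a request is not an origin-form request for an expected host.
    _method, target, headers = parse_request(raw)
    host, out = headers.get("host", ""), []
    if "://" in target.split("?", 1)[0]:
        out.append("absolute-uri-target")
    elif not target.startswith("/") and target != "*":
        out.append("malformed-target")
    if "@" in host:
        out.append("userinfo-in-host")
    elif host_only(host) not in allowed:
        out.append("unexpected-host")
    xfh = headers.get("x-forwarded-host")
    if xfh is not None and host_only(xfh) not in allowed:
        out.append("unexpected-x-forwarded-host")
    return out

def sample_request(target, host, extra=""):
    return f"GET {target} HTTP/1.1\r\nHost: {host}\r\n{extra}\r\n"
SAMPLES = {  # constructed requests mirroring the five variants, plus a benign one
    "absolute": sample_request("http://burpcollab/some/endpoint", "example.com"),
    "at-target": sample_request("@burpcollab/some/endpoint", "example.com"),
    "host-userinfo": sample_request("/some/endpoint", "example.com:80@burpcollab"),
    "host-swap": sample_request("/some/endpoint", "burpcollab"),
    "xfh": sample_request("/some/endpoint", "example.com", "X-Forwarded-Host: burpcollab\r\n"),
    "benign": sample_request("/some/endpoint", "example.com:80"),
}
if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:14} {findings(raw)}")
```

Absolute-form targets are legitimate on a forward proxy, so on that kind of deployment the first finding is a signal to validate the URI's host against the same allowlist instead of a defect in itself.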

Scanning Options

Example

From here onwards you would fuzz the parameter to test for SSRF.

Video Demonstration

 

Download Ssrf-King
