ssrf-king: Automates SSRF Detection in All Requests
SSRF plugin for Burp that automates SSRF detection in all requests.
Upcoming Features Checklist
- ✔️ It will soon have a user interface to specify your own callback payload
- It will soon be able to test JSON & XML
- ✔️ Test all of the requests for any external interactions.
- ✔️ Checks whether each interaction comes from an IP other than the user's; if it comes from the user's own IP, it's an open redirect.
- ✔️ Alerts the user for any external interactions with information such as:
  - Endpoint Vulnerable
  - Location Found
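
The source-IP check and the alert fields listed above can be sketched as follows. This is an added example, not code from the plugin: the `Interaction` record shape, the verdict labels and all sample addresses are assumptions constructed for illustration, and it additionally normalizes IPv4-mapped IPv6 addresses so the tester's own callbacks are not misread as external.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Interaction:
    """One callback seen by the out-of-band server (hypothetical record shape)."""
    endpoint: str   # request that carried the callback payload
    location: str   # header or parameter the payload was placed in
    source_ip: str  # address that contacted the callback host

def _canonical(ip: str):
    """Parse an address, unwrapping IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr

def triage(interactions, tester_ips):
    """Label each interaction by who made the callback.

    A callback from the tester's own address means the tester's client
    followed a redirect (open redirect); any other source means some other
    host fetched the payload URL and is reported as an external interaction.
    """
    own = {_canonical(ip) for ip in tester_ips}
    findings = []
    for i in interactions:
        mine = _canonical(i.source_ip) in own
        findings.append({
            "endpoint_vulnerable": i.endpoint,
            "location_found": i.location,
            "source_ip": i.source_ip,
            "verdict": "open-redirect" if mine else "external-interaction",
        })
    return findings

# Constructed sample data using documentation address ranges.
TESTER_IPS = ["198.51.100.7", "2001:db8::7"]
SAMPLE = [
    Interaction("https://app.example/fetch?url=", "parameter: url", "203.0.113.20"),
    Interaction("https://app.example/go?next=", "parameter: next", "::ffff:198.51.100.7"),
    Interaction("https://app.example/out?redirect=", "parameter: redirect", "2001:db8:0:0:0:0:0:7"),
]

if __name__ == "__main__":
    for f in triage(SAMPLE, TESTER_IPS):
        print(f"{f['verdict']:<21} {f['endpoint_vulnerable']} ({f['location_found']}) from {f['source_ip']}")
```
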
It also performs the following tests based on this research.
- ✔️ Supports Both Passive & Active Scanning.
From here onwards you would fuzz the parameter to test for SSRF.
Copyright (c) 2021 Krypt0mux