BBSSRF - Bug Bounty SSRF

Version 1.0

Summary

BBSSRF - Bug Bounty SSRF is a powerful tool to check SSRF OOB connection.

Features

The testing field must contain "BBSSRF" and this tool will automatically change it to dynamically generated payloads.

Generating dynamic payloads ✅
Testing Single URL ✅
Testing URLs list ✅
Testing request file ✅
STDIN input supported ✅
Threading requests ✅
Intercept request using proxy ✅

Installation

git clone https://github.com/z3dc0ps/BBSSRF
cd BBSSRF
python bbssrf.py -h

Usage

Note - Testing field must be replaced with "BBSSRF"

# Single URL
python3 bbssrf.py -b http://collaborator.com -u http://example.com/index.php?url=BBSSRF

# Multiple URLs
python3 bbssrf.py -b http://collaborator.com -f urllist.txt

# Request File
python3 bbssrf.py -b http://collaborator.com -r request.req

# STDIN input
cat urllist.txt | python3 bbssrf.py -b http://collaborator.com -s

# Proxy
python3 bbssrf.py -b http://collaborator.com -r request.req -x http://127.0.0.1:8080

Video

bbssrf.mp4

Credit

This tool was inspired by Thomas Houhou's autossrf.py.

Thanks to all Contributors

All contributions are welcomed.

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
assets		assets
README.md		README.md
bbssrf.py		bbssrf.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

assets

assets

README.md

README.md

bbssrf.py

bbssrf.py

Repository files navigation

BBSSRF - Bug Bounty SSRF

Version 1.0

Summary

Features

Installation

Usage

Note - Testing field must be replaced with "BBSSRF"

Video

Credit

Thanks to all Contributors

About

Releases 1

Packages

Languages

z3dc0ps/BBSSRF

Folders and files

Latest commit

History

Repository files navigation

BBSSRF - Bug Bounty SSRF

Version 1.0

Summary

Features

Installation

Usage

Note - Testing field must be replaced with "BBSSRF"

Video

Credit

Thanks to all Contributors

About

Resources

Stars

Watchers

Forks

Languages