all InfoSec news
Surf - Escalate Your SSRF Vulnerabilities On Modern Cloud Environments
KitPloit - PenTest Tools! www.kitploit.com
surf
allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by sending a HTTP request from your machine to each host, collecting all the hosts that did not respond, and then filtering them into a list of externally facing and internally facing hosts.
You can then attempt these hosts wherever an SSRF vulnerability may be present. Due to most SSRF filters only focusing on internal or restricted IP ranges, you'll be …
cloud cloud environments collecting environments facing filter host http https list machine request respond ssrf subdomains surf vulnerabilities vulnerability