Surf - Escalate Your SSRF Vulnerabilities On Modern Cloud Environments | allinfosecnews.com

Sept. 18, 2023, 11:30 a.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com

surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by sending a HTTP request from your machine to each host, collecting all the hosts that did not respond, and then filtering them into a list of externally facing and internally facing hosts.

You can then attempt these hosts wherever an SSRF vulnerability may be present. Due to most SSRF filters only focusing on internal or restricted IP ranges, you'll be …

cloud cloud environments collecting environments facing filter host http https list machine request respond ssrf subdomains surf vulnerabilities vulnerability

More from www.kitploit.com / KitPloit - PenTest Tools!

OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log … 2 hours ago | www.kitploit.com

attack detection lfi detection oste-web-log-analyzer rfi detection +1

ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities 1 day, 2 hours ago | www.kitploit.com

ntlm post-exploitation powershell python +7

Galah - An LLM-powered Web Honeypot Using The OpenAI API 2 days, 2 hours ago | www.kitploit.com

galah golang llm openai api +3

CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training 3 days, 2 hours ago | www.kitploit.com

amsi antivirus crimsonedr dll +5

Url-Status-Checker - Tool For Swiftly Checking The Status Of URLs 3 days, 22 hours ago | www.kitploit.com

bugbountyautomation bugbounty tools httpx infosys +2

CSAF - Cyber Security Awareness Framework 5 days, 2 hours ago | www.kitploit.com

csaf cybersecurity awareness linux socks5 +2

Espionage - A Linux Packet Sniffing Suite For Automated MiTM Attacks 6 days, 2 hours ago | www.kitploit.com

arp-spoofing cybersecurity networking packet capture +5

HackerInfo - Infromations Web Application Security 1 week ago | www.kitploit.com

hackerinfo python python3

C2-Tracker - Live Feed Of C2 Servers, Tools, And Botnets 1 week ago | www.kitploit.com

c2-tracker cybersecurity infosec osint +7

Information Security Cyber Risk Analyst

@ Intel | USA - AZ - Chandler

View on infosec-jobs.com

Senior Cloud Security Engineer (Fullstack)

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Principal Product Security Engineer

@ Oracle | United States

View on infosec-jobs.com

Cybersecurity Strategy Director

@ Proofpoint | Sunnyvale, CA

View on infosec-jobs.com

Information Security Consultant/Auditor

@ Devoteam | Lisboa, Portugal

View on infosec-jobs.com

IT Security Engineer til Netcompany IT Services

@ Netcompany | Copenhagen, Denmark

View on infosec-jobs.com