
BBSSRF - Bug Bounty SSRF

Version 1.0

Summary

BBSSRF - Bug Bounty SSRF is a powerful tool for checking for SSRF through out-of-band (OOB) connections.

Features

The field under test must contain the marker "BBSSRF"; the tool automatically replaces it with dynamically generated payloads.

  • Generating dynamic payloads ✅
  • Testing Single URL ✅
  • Testing URLs list ✅
  • Testing request file ✅
  • STDIN input supported ✅
  • Threading requests ✅
  • Intercept request using proxy ✅
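
An added illustration, not BBSSRF's own code: one way a per-request payload can be substituted for the "BBSSRF" marker so that an out-of-band callback can be traced back to the input that caused it. The token-in-path layout, the function names and the sample log lines are assumptions constructed for this example.

```python
import secrets

MARKER = "BBSSRF"  # placeholder string the page requires in the tested field


def build_payloads(callback_base, targets, token_fn=lambda: secrets.token_hex(4)):
    """Swap MARKER in each target for a callback URL carrying a unique token.

    Returns (prepared_targets, {token: original_target}). Putting the token in
    the callback path is this example's assumption, not BBSSRF's real format.
    """
    base = callback_base.rstrip("/")
    prepared, index = [], {}
    for target in targets:
        if MARKER not in target:
            continue  # no marker, so there is no field to test
        token = token_fn()
        index[token] = target
        prepared.append(target.replace(MARKER, f"{base}/{token}"))
    return prepared, index


def correlate(callback_log_lines, index):
    """Group OOB callback log lines by the original target whose token they carry."""
    hits = {}
    for line in callback_log_lines:
        for token, target in index.items():
            if f"/{token} " in line:
                hits.setdefault(target, []).append(line)
    return hits


if __name__ == "__main__":
    # Constructed sample input; only the first URL form appears on the page.
    urls = [
        "http://example.com/index.php?url=BBSSRF",
        "http://example.com/static/logo.png",
    ]
    prepared, index = build_payloads("http://collaborator.com", urls)
    token = next(iter(index))
    # Constructed callback-server log: one hit for our token, one unrelated.
    log = [
        f'203.0.113.7 "GET /{token} HTTP/1.1" 200',
        '198.51.100.9 "GET /favicon.ico HTTP/1.1" 404',
    ]
    for target, lines in correlate(log, index).items():
        print(target, "->", len(lines), "callback(s)")
```
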

Installation

git clone https://github.com/z3dc0ps/BBSSRF
cd BBSSRF
python3 bbssrf.py -h

Usage

Note: the field under test must be replaced with "BBSSRF".

# Single URL
python3 bbssrf.py -b http://collaborator.com -u "http://example.com/index.php?url=BBSSRF"

# Multiple URLs
python3 bbssrf.py -b http://collaborator.com -f urllist.txt

# Request File
python3 bbssrf.py -b http://collaborator.com -r request.req

# STDIN input
cat urllist.txt | python3 bbssrf.py -b http://collaborator.com -s

# Proxy
python3 bbssrf.py -b http://collaborator.com -r request.req -x http://127.0.0.1:8080

Video

https://user-images.githubusercontent.com/61974788/204865851-032a3d9a-c825-49d4-8cae-21266475a5ee.mp4

Credit

This tool was inspired by Thomas Houhou's autossrf.py.

Thanks to all Contributors

All contributions are welcome.