XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities

Wicked sick v2.0 script is intended to automate your reconnaissance process in an organized fashion.

Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSRF

Proof-of-Concept for Server Side Request Forgery (SSRF) in request-baskets (<= v.1.2.1)

a powerful tool designed to automate the detection of Server-Side Request Forgery (SSRF) and Open Redirect vulnerabilities

An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.

Professional modular web security audit framework for Debian/Ubuntu. 15+ modules: recon, SQLi, XSS, SSRF, CMS, CORS, takeover & more.

gf patterns for security research

Parameter fuzzer for finding hidden parameters and SSRF. Useful for bug bounty or external pentest.

CVE-2023-27163 - Request Baskets SSRF

This repository contains a proof of concept (POC) for CVE-2026-32255, a high-severity Server-Side Request Forgery (SSRF) vulnerability in Kan, an open-source project management tool.

BlackBounty is a high-performance, automated reconnaissance and vulnerability scanning pipeline designed for large-scale bug hunting. It leverages a dynamic proxy-rotation system to bypass WAFs and IP-based rate limiting.

hardengkec ☸️🪨🧭 : Hardening GKE Cluster # Kubernetes # PodSecurityPolicy # DevSecOps # SSRF # PSA # RCE