Skip to content
/ BBSSRF Public

BBSSRF - Bug Bounty SSRF is a powerful tool to check SSRF OOB connection

38 stars 9 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

z3dc0ps/BBSSRF

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
assets
assets
 
 
README.md
README.md
 
 
bbssrf.py
bbssrf.py
 
 

Repository files navigation

BBSSRF - Bug Bounty SSRF

Version 1.0

Summary

BBSSRF - Bug Bounty SSRF is a powerful tool to check SSRF OOB connection.

Features

The testing field must contain "BBSSRF" and this tool will automatically change it to dynamically generated payloads.

  • Generating dynamic payloads ✅
  • Testing Single URL ✅
  • Testing URLs list ✅
  • Testing request file ✅
  • STDIN input supported ✅
  • Threading requests ✅
  • Intercept request using proxy ✅

Installation

git clone https://github.com/z3dc0ps/BBSSRF
cd BBSSRF
python bbssrf.py -h

Usage

Note - Testing field must be replaced with "BBSSRF"

# Single URL
python3 bbssrf.py -b http://collaborator.com -u http://example.com/index.php?url=BBSSRF

# Multiple URLs
python3 bbssrf.py -b http://collaborator.com -f urllist.txt

# Request File
python3 bbssrf.py -b http://collaborator.com -r request.req

# STDIN input
cat urllist.txt | python3 bbssrf.py -b http://collaborator.com -s

# Proxy
python3 bbssrf.py -b http://collaborator.com -r request.req -x http://127.0.0.1:8080

Video

bbssrf.mp4

Credit

This tool was inspired by Thomas Houhou's autossrf.py.

Thanks to all Contributors

All contributions are welcomed.

About

BBSSRF - Bug Bounty SSRF is a powerful tool to check SSRF OOB connection

Resources

Readme
Activity

Stars

38 stars

Watchers

1 watching

Forks

9 forks
Report repository

Releases 1

BBSSRF_1.0 Latest
Nov 30, 2022

Packages

No packages published

Languages