ssrf-testing

Name: ssrf-testing
Rating: 5 (1 reviews)
Author: Lu1sDV

Use when testing for SSRF in web applications, accessing internal services through SSRF, bypassing SSRF filters, auditing applications that fetch user-supplied URLs, or implementing SSRF prevention. Covers blind and non-blind SSRF, cloud metadata exploitation, protocol smuggling, and defense strategies.

1stars

Updated 27 days ago

View on GitHub ↗

How to add

/plugin marketplace add Lu1sDV/skillsmd

The exact command may vary by repository. Check the README on GitHub.

For the skill author

Drop this on your repo README

Shows your skill is listed on Skillteca, generates a backlink and trackable traffic.

[![Listada na Skillteca](https://www.skillteca.com.br/api/badge/ssrf-testing/svg)](https://www.skillteca.com.br/skills/ssrf-testing?utm_source=badge&utm_medium=readme&utm_campaign=badge)

#test

Related skills

See all in Dados e Análise →

xlsx

143.8k

Use this skill for any task involving spreadsheet files as primary input or output, such as opening, reading, editing, fixing, creating, or converting .xlsx, .xlsm, .csv, or .tsv files.

Dados e Análise#xlsxby anthropics

mem-search

79.7k

Searches claude-mem's persistent cross-session memory database. Use this to answer questions about previous solutions or retrieve work from past sessions.

Dados e Análise#aiby thedotmack

weekly-digests

79.7k

Generates a week-by-week narrative digest of a project's Claude-mem timeline, splitting it into ISO-week files and using subagents to produce weekly chapters. Ideal for "weekly digests" or "narrative chapters" of a project's history.

Dados e Análise#aiby thedotmack

how-it-works

79.7k

This skill explains how claude-mem captures observations, when memory injection occurs, and where its data is stored.

Dados e Análise#aiby thedotmack

Category alert

Get new Dados e Análise skills every Monday

One short email with only the new Dados e Análise skills. 4 minutes of reading, no spam, unsubscribe with one click.

You confirm your email on the first send. No spam. Unsubscribe with one click.

SSRF Testing & Prevention

Overview

Find, exploit, and fix Server-Side Request Forgery. SSRF tricks the server into making HTTP requests to unintended destinations -- accessing internal services, cloud metadata, or other systems that the server can reach but the attacker cannot.

Normal flow:
  User -> Server -> External API (intended)

SSRF attack:
  User sends: url=http://169.254.169.254/latest/meta-data/
  Server -> AWS Metadata Service (unintended)
  Server returns: IAM credentials

[Description truncada. Veja o README completo no GitHub.]

ShareX LinkedIn

Comments · No comments

No comments yet. Be the first.