SSRFIRE
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
https://github.com/micha3lb3n/SSRFire
#appsec #web #ssrf #tools
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
https://github.com/micha3lb3n/SSRFire
#appsec #web #ssrf #tools
GitHub
GitHub - ksharinarayanan/SSRFire: An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options…
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects - ksharinarayanan/SSRFire
31k$ SSRF in Google Cloud Monitoring led to metadata exposure
Google Cloud Monitoring (formerly called Stackdriver) is a service, which provides monitoring for cloud resources (VM instances, App Engine, Cloud functions...). It is available from Google Cloud Console. This service offers monitoring, alerting, uptime checks of cloud resources and much more. It is important to note that the Google Cloud Monitoring service itself is running on Google Cloud virtual machines.
https://nechudav.blogspot.com/2020/11/31k-ssrf-in-google-cloud-monitoring.html
#bugbounty #web #ssrf
Google Cloud Monitoring (formerly called Stackdriver) is a service, which provides monitoring for cloud resources (VM instances, App Engine, Cloud functions...). It is available from Google Cloud Console. This service offers monitoring, alerting, uptime checks of cloud resources and much more. It is important to note that the Google Cloud Monitoring service itself is running on Google Cloud virtual machines.
https://nechudav.blogspot.com/2020/11/31k-ssrf-in-google-cloud-monitoring.html
#bugbounty #web #ssrf
Blogspot
31k$ SSRF in Google Cloud Monitoring led to metadata exposure
Update 25.01.2021: Added Google engineers exploit method for getting access token. Google Cloud Monitoring (formerly called Stackdriver)...