Skill UI

This tool is designed for security professionals to test for Server-Side Request Forgery (SSRF) vulnerabilities. It systematically probes user-controllable URL parameters to identify access to internal network services, cloud metadata endpoints (AWS/GCP/Azure), and restricted local resources. It supports various payload techniques, including protocol handlers (gopher, file), IP encoding, and DNS rebinding, making it essential for thorough security assessments and penetration testing.

This comprehensive playbook details expert techniques for exploiting Server-Side Request Forgery (SSRF). It covers bypassing URL filters, accessing cloud metadata endpoints (AWS, GCP, Azure), utilizing advanced protocols like Gopher, and chaining vulnerabilities to achieve Remote Code Execution (RCE) in real-world scenarios. Ideal for penetration testers and security researchers.