Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates. `surf` is a tool that helps you to find and exploit SSRF vulnerabilities in modern cloud environments. It provides a simple and easy-to-use interface for filtering a list of hosts and returning a list of viable SSRF candidates. `surf` is a powerful tool that can help you to find and exploit SSRF vulnerabilities in modern cloud environments.
FEATURES
SIMILAR TOOLS
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.
pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
WiGLE.net is a platform that collects and provides data on WiFi networks and cell towers, with over 1.3 billion networks collected.
A website scanner that provides a sandbox for the web, allowing users to scan URLs and websites for potential threats and vulnerabilities.
A free DNS recursive service that blocks malicious host names and protects user privacy.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.