SSRF - Basic Scanner
Tests for server-side request forgery allowing requests to internal resources.
What is SSRF - Basic?
Server-Side Request Forgery (SSRF) occurs when an attacker can make a server perform HTTP requests to arbitrary destinations. This allows access to internal services, cloud metadata endpoints, and systems behind firewalls that trust requests from the vulnerable server.
Why is This Important?
SSRF lets an attacker reach internal services, databases, and admin panels that are not exposed to the internet. In cloud environments, it can be used to retrieve instance metadata containing credentials. It is a pivot point for attacking internal infrastructure.
How It Works
1. Web Crawling
Intelligent crawling discovers all endpoints, forms, parameters, and dynamic content across your web application.
2. Payload Injection
AI-powered payloads test each input vector for web vulnerabilities with context-aware attack patterns.
3. Response Analysis
Advanced analysis detects vulnerability signatures in responses, confirming exploitability with proof-of-concept.
Key Capabilities
Industry-leading web security testing powered by AI, trusted by security teams worldwide for accurate vulnerability detection.
- Deep web crawling with JavaScript rendering support
- Context-aware payload generation for each parameter
- False positive elimination through response analysis
- OWASP Top 10 and CWE compliance mapping
- Seamless CI/CD and DevSecOps integration
Frequently Asked Questions
What internal resources do attackers target?
Internal admin panels, databases, Redis/Memcached, Elasticsearch, internal APIs, Docker API, Kubernetes API, and other services only accessible internally.
How does SSRF bypass firewalls?
Internal services often trust requests from the same network. The vulnerable server is inside the firewall, so its requests bypass perimeter controls.
What URL schemes can be abused?
Beyond HTTP/HTTPS, attackers try file://, gopher://, dict://, and other schemes to interact with various services or read local files.
Can DNS rebinding bypass SSRF protections?
Yes, DNS rebinding can bypass IP-based allowlists by resolving to an allowed IP during validation, then resolving to an internal IP when the actual request is made.
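The last two answers (URL schemes and DNS rebinding) translate into one server-side check, sketched here as an added example that is not code from this scanner or its vendor. The function names, the injectable `resolver` parameter, and the sample host and addresses are hypothetical and constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # rejects file://, gopher://, dict://

def is_internal(ip_text):
    """True for loopback, private, link-local (cloud metadata) and other non-global ranges."""
    ip = ipaddress.ip_address(ip_text)
    if ip.version == 6 and ip.ipv4_mapped:
        ip = ip.ipv4_mapped  # unwrap ::ffff:a.b.c.d before classifying
    return not ip.is_global

def resolve_and_pin(url, resolver=socket.getaddrinfo):
    """Validate url and return (host, port, pinned_ip) for the outbound connection.

    The name is resolved exactly once. The caller must connect to pinned_ip
    (keeping the original Host header / SNI) instead of resolving again, so a
    rebinding DNS server cannot swap the address between check and use.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("URL has no host")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    infos = resolver(parts.hostname, port, type=socket.SOCK_STREAM)
    addrs = [info[4][0] for info in infos]
    if not addrs:
        raise ValueError("host did not resolve")
    # Reject if ANY record is internal, so a mixed answer cannot slip through.
    for addr in addrs:
        if is_internal(addr):
            raise ValueError(f"{parts.hostname} resolves to internal address {addr}")
    return parts.hostname, port, addrs[0]

def rebinding_resolver():
    """Constructed stand-in for a rebinding DNS server: public answer first, loopback after."""
    answers = iter(["93.184.216.34", "127.0.0.1"])
    def resolve(host, port, **kwargs):
        return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (next(answers), port))]
    return resolve
```

A validator that only returns "allowed" and lets the HTTP client resolve the name a second time would receive the loopback answer from `rebinding_resolver()`; connecting to the pinned address closes that gap.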