Server-Side Request Forgery (SSRF) is a vulnerability that allows an attacker to force a server to send requests to arbitrary addresses, which can lead to data leakage or placement of malicious code
In this case, the attacker can control either the entire request or its individual parts (for example, the domain)
1. curl: (https://curl.se/) A command utility for sending requests to URLs. Often used in scripts for testing SSRF vulnerabilities.
2. Postman: (https://www.postman.com/) An API tool that allows you to send HTTP requests to a server, modifying them as needed. Can be useful for testing server behavior.
3. Gobuster: (https://github.com/OJ/gobuster) A tool for bruteforcing paths and subdomains. It can be used to find vulnerable points where SSRF can be useful.
4. Fiddler: (https://www.telerik.com/fiddler) A network debugger for HTTP that can capture and modify traffic, including requests to the server. Useful for testing the server's response to various links.
5. RequestBin: (https://requestbin.com/) A service for testing HTTP requests. Can be used to receive and analyze requests that are sent through SSRF vulnerabilities.
