SSRF Target Simulator

Learn Server-Side Request Forgery by doing it — craft bypasses against a simulated internal network and reach the cloud metadata endpoint. Nothing here ever touches the real network.

🛡 100% simulated · never makes a real request · works offline
1

Request console

A simulated vulnerable app fetches whatever URL you give it. Pick a defense, craft a URL, and see exactly where the filter and the fetcher disagree. Goal: reach the cloud metadata service.

Simulated internal network
🛡 Fully simulated — this tool never makes a real network request.
Bypass cheat-sheet click a row to load it into the console
TechniquePayload
2

Challenge levels

Five levels, each with a stronger defense. The goal is always the same: reach the metadata endpoint and leak the IAM credentials. Each success explains why the bypass worked.