chain-ssrf-to-rce

Build and validate SSRF pivot chains toward metadata/infra control and final code execution impact.

By PurpleAILAB. Updated 6/2/2026

name: chain-ssrf-to-rce
description: Build and validate SSRF pivot chains toward metadata/infra control and final code execution impact.
metadata:
  subdomain: web-exploitation
  when_to_use: "ssrf chain rce remote code execution pivot cloud metadata imds iam role gopher dns rebinding"

Chain: SSRF to RCE

Canonical path

  1. SSRF reaches metadata/internal control plane.
  2. Extract credential/token or access internal admin API.
  3. Use credential to deploy or execute payload.
  4. Confirm code execution and business impact.

Graph guidance

  • Add enables edges for each pivot.
  • Lower weights for direct pivots; higher for speculative pivots.
  • Run plan_attack_chains and then suggest_objectives_from_chains.
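
The graph guidance above, as an added example for threat modeling (not code from the Decepticon repository, and not the implementation of plan_attack_chains or suggest_objectives_from_chains). The node names, the weights and the function names cheapest_chain and chokepoints are assumptions made for illustration; it ranks the chain by total weight and lists the edges whose removal leaves no chain at all.

```python
import heapq

# Constructed graph: nodes follow the four steps of the canonical path.
# Each tuple is an "enables" edge (src, dst, weight). Weights are assumed
# values: low for a direct pivot, high for a speculative one.
EDGES = [
    ("ssrf", "metadata", 1.0),
    ("ssrf", "internal_control_plane", 4.0),
    ("metadata", "credential", 1.0),
    ("internal_control_plane", "admin_api_access", 2.0),
    ("credential", "deploy_or_execute", 1.0),
    ("admin_api_access", "deploy_or_execute", 2.0),
    ("deploy_or_execute", "code_execution", 1.0),
]

def cheapest_chain(edges, start, goal):
    """Dijkstra over 'enables' edges; returns (cost, path) or None."""
    adj = {}
    for src, dst, weight in edges:
        adj.setdefault(src, []).append((dst, weight))
    heap = [(0.0, start, [start])]
    seen = set()
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == goal:
            return cost, path
        if node in seen:
            continue
        seen.add(node)
        for nxt, weight in adj.get(node, []):
            if nxt not in seen:
                heapq.heappush(heap, (cost + weight, nxt, path + [nxt]))
    return None

def chokepoints(edges, start, goal):
    """Edges whose removal leaves no chain: where one control breaks every path."""
    return [e for e in edges
            if cheapest_chain([x for x in edges if x != e], start, goal) is None]

if __name__ == "__main__":
    print(cheapest_chain(EDGES, "ssrf", "code_execution"))
    print(chokepoints(EDGES, "ssrf", "code_execution"))
```

In this constructed graph, removing the metadata edge only raises the cheapest chain from 4.0 to 9.0, while the final edge is the single point where one control removes every path.
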
Install via CLI
npx skills add https://github.com/PurpleAILAB/Decepticon --skill chain-ssrf-to-rce
Repository Details
Stars: 4,323
Forks: 860
Branch: main
Path: SKILL.md