Show HN: Dssrf – A safe‑by‑construction SSRF defense library for Node.js

2 points by relunsec 4 days ago · 0 comments · 1 min read

I built dssrf, a safe-by-construction SSRF defense library for Node.js apps.

Most existing SSRF libraries rely on blacklists or regex checks, which are easy to bypass. dssrf takes a different approach based on normalization, DNS resolution, redirect validation, and IP classification.

Key features:

- URL normalization (RFC compliant)
- DNS resolution + IP classification
- Redirect chain validation
- IPv4/IPv6 safety
- Rebinding detection
- Protocol restrictions
- TypeScript types included

The goal is to eliminate entire classes of classic SSRF vulnerabilities and their bypasses rather than patching individual payloads.

GitHub: https://github.com/HackingRepo/dssrf-js

npm: https://www.npmjs.com/package/dssrf

I love feedback, edge cases, and contributions from the community.
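The contrast the post draws between string checks and normalization plus IP classification, shown as an added example that is not part of the original post and does not use or reproduce dssrf's code or API. All function names, the range list, and the sample URLs are assumptions constructed for illustration; DNS answers are passed in by the caller so the block runs offline.

```javascript
// Added example, not dssrf's code: parse first, then classify the address.
const net = require('net');

// Internal ranges a server-side fetch should not reach (illustrative, not exhaustive).
const internal = new net.BlockList();
for (const [addr, prefix] of [
  ['0.0.0.0', 8], ['10.0.0.0', 8], ['100.64.0.0', 10], ['127.0.0.0', 8],
  ['169.254.0.0', 16], ['172.16.0.0', 12], ['192.168.0.0', 16],
]) internal.addSubnet(addr, prefix, 'ipv4');
// ::/127 covers :: and ::1; fc00::/7 is unique-local; fe80::/10 is link-local.
for (const [a, p] of [['::', 127], ['fc00::', 7], ['fe80::', 10]]) internal.addSubnet(a, p, 'ipv6');

// Rewrite an IPv4-mapped IPv6 address (::ffff:7f00:1) as dotted IPv4.
function unmap(ip) {
  const m = /^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/i.exec(ip);
  if (!m) return ip;
  const hi = parseInt(m[1], 16), lo = parseInt(m[2], 16);
  return [hi >> 8, hi & 255, lo >> 8, lo & 255].join('.');
}

// True for internal addresses and for anything that is not an IP (fail closed).
function isInternal(ip) {
  const addr = unmap(ip);
  const family = net.isIP(addr);
  return family === 0 || internal.check(addr, family === 4 ? 'ipv4' : 'ipv6');
}

// String match on the raw URL, the kind of check the post calls easy to bypass.
function naiveAllows(raw) {
  return !/localhost|127\.0\.0\.1|169\.254\.169\.254/.test(raw);
}

// 'reject', 'allow', or 'resolve' (a hostname: look it up, then classifyResolved).
function classifyUrl(raw) {
  let url;
  try { url = new URL(raw); } catch { return 'reject'; }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return 'reject';
  const host = url.hostname.replace(/^\[|\]$/g, ''); // strip IPv6 brackets
  if (net.isIP(host) === 0) return 'resolve';
  return isInternal(host) ? 'reject' : 'allow';
}

// Every DNS answer must be external; a single internal answer rejects the request.
function classifyResolved(addresses) {
  return addresses.length > 0 && !addresses.some(isInternal) ? 'allow' : 'reject';
}

// Constructed samples: three spellings of 127.0.0.1 that the string match lets through.
const samples = ['http://2130706433/', 'http://0x7f.1/', 'http://[::ffff:7f00:1]/'];
for (const s of samples) console.log(s, naiveAllows(s), classifyUrl(s));
```

Classifying the resolved address only helps if the request then connects to that same address; resolving once to check and again to connect leaves the window that rebinding detection is meant to close.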
