SSRF Discovery at Scale: A Multi-Program Study Using Automated Reconnaissance and — Hayula Research
Hayula AI Lab
Abstract
We present a large-scale automated study of Server-Side Request Forgery (SSRF) vulnerabilities across 23 major bug bounty programs using a structured pipeline combining reconnaissance automation, multi-endpoint probing, response classification, and LLM-enriched analysis via the Saif cybersecurity AI system. Over a two-week period, we probed 23 programs using three standardized SSRF test endpoints — /proxy?url=, /fetch?url=, and /redirect?url= — and classified responses on a five-tier severity sc
Files
| File | Description |
|---|---|
paper.md |
Full paper (Markdown) |
README.md |
This model card |
Citation
@techreport{hayulalab2026ssrfdiscoveryatscale,
title={SSRF Discovery at Scale: A Multi-Program Study Using Automated Reconnaissance and — Hayula Research},
author={Hayula AI Lab},
year={2026},
url={https://huggingface.co/hayulalab/ssrf-discovery-at-scale-paper}
}
hayulalab — Open Source AI Research
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support