cybernetic
← library

Find and exploit open redirects

offensive-open-redirectskillsetup L22,144
SnailSploit/Claude-Red
What it does

Exploit open redirect vulnerabilities

Best for

Chaining open redirect with phishing or SSRF when URL parameters trust user input

Inputs
  • · Web app with URL redirect endpoints
  • · Parameter list (redirect, url, return, next, etc.)
Outputs
  • · Successful redirect to attacker-controlled domain
  • · Exploitation chain for phishing or SSRF
Requires
  • · Browser or HTTP client
Preconditions
  • · Redirect endpoint identified
  • · Parameter names known or enumerable
Failure modes
  • · Whitelist blocks external redirects
  • · URL validation prevents abuse
  • · Referrer policy limits phishing impact
Trust signals
  • · Covers direct redirects and meta-refresh bypasses
  • · Includes SSRF chaining techniques
  • · Demonstrates phishing and credential harvesting