Server-side request forgery (SSRF) attacks

Contents

0 of 23

What is SSRF? 0 of 1

What is SSRF? Get started

What is the impact of SSRF attacks? 0 of 1

What is the impact of SSRF attacks?

Common SSRF attacks 0 of 6

Common SSRF attacks

SSRF attacks against the server

SSRF attacks against the server - Continued

Lab: Basic SSRF against the local server APPRENTICE

SSRF attacks against other back-end systems

Lab: Basic SSRF against another back-end system APPRENTICE

Circumventing common SSRF defenses 0 of 6

Circumventing common SSRF defenses

SSRF with blacklist-based input filters

Lab: SSRF with blacklist-based input filter PRACTITIONER

SSRF with whitelist-based input filters

Bypassing SSRF filters via open redirection

Lab: SSRF with filter bypass via open redirection vulnerability PRACTITIONER

Blind SSRF vulnerabilities 0 of 5

Blind SSRF vulnerabilities

What is the impact of blind SSRF vulnerabilities?

How to find and exploit blind SSRF vulnerabilities

How to find and exploit blind SSRF vulnerabilities - Continued

Lab: Blind SSRF with out-of-band detection PRACTITIONER

Finding hidden attack surface for SSRF vulnerabilities 0 of 4

Finding hidden attack surface for SSRF vulnerabilities

Partial URLs in requests

URLs within data formats

SSRF via the Referer header