Burp Scanner
Burp Suite's web vulnerability scanner
Product comparison
What's the difference between Pro and Enterprise Edition?
Downloads
Download the latest version of Burp Suite.
This learning path teaches you about server-side request forgery (SSRF). You'll learn about its impact, common techniques used in attacks, and how to defend against them.
0 of 23
What is SSRF? 0 of 1
What is SSRF? APPRENTICE Get started
What is the impact of SSRF attacks? 0 of 1
What is the impact of SSRF attacks? APPRENTICE
Common SSRF attacks 0 of 6
Common SSRF attacks APPRENTICE
SSRF attacks against the server APPRENTICE
SSRF attacks against the server - Continued APPRENTICE
Lab: Basic SSRF against the local server APPRENTICE
SSRF attacks against other back-end systems APPRENTICE
Lab: Basic SSRF against another back-end system APPRENTICE
Circumventing common SSRF defenses 0 of 6
Circumventing common SSRF defenses APPRENTICE
SSRF with blacklist-based input filters APPRENTICE
Lab: SSRF with blacklist-based input filter PRACTITIONER
SSRF with whitelist-based input filters APPRENTICE
Bypassing SSRF filters via open redirection APPRENTICE
Lab: SSRF with filter bypass via open redirection vulnerability PRACTITIONER
Blind SSRF vulnerabilities 0 of 5
Blind SSRF vulnerabilities APPRENTICE
What is the impact of blind SSRF vulnerabilities? APPRENTICE
How to find and exploit blind SSRF vulnerabilities APPRENTICE
How to find and exploit blind SSRF vulnerabilities - Continued APPRENTICE
Lab: Blind SSRF with out-of-band detection PRACTITIONER
Finding hidden attack surface for SSRF vulnerabilities 0 of 4
Finding hidden attack surface for SSRF vulnerabilities APPRENTICE
Partial URLs in requests APPRENTICE
URLs within data formats APPRENTICE
SSRF via the Referer header APPRENTICE
