Research Academy
My account Customers About Blog Careers Legal Contact Resellers
Back to all learning paths
PRACTITIONER

Server-side request forgery (SSRF) attacks

This learning path teaches you about server-side request forgery (SSRF). You'll learn about its impact, common techniques used in attacks, and how to defend against them.

Contents

Get started: Lab: Basic SSRF against the local server

0 of 23

GET STARTED

What is SSRF? 0 of 1

What is SSRF? APPRENTICE

What is the impact of SSRF attacks? 0 of 1

What is the impact of SSRF attacks? APPRENTICE

Common SSRF attacks 0 of 6

Lab: Basic SSRF against the local server APPRENTICE Get started

Lab: Basic SSRF against another back-end system APPRENTICE

Common SSRF attacks APPRENTICE

SSRF attacks against the server APPRENTICE

SSRF attacks against the server - Continued APPRENTICE

SSRF attacks against other back-end systems APPRENTICE

Circumventing common SSRF defenses 0 of 6

Lab: SSRF with blacklist-based input filter PRACTITIONER

Lab: SSRF with filter bypass via open redirection vulnerability PRACTITIONER

SSRF with whitelist-based input filters APPRENTICE

Bypassing SSRF filters via open redirection APPRENTICE

Circumventing common SSRF defenses APPRENTICE

SSRF with blacklist-based input filters APPRENTICE

Blind SSRF vulnerabilities 0 of 5

Lab: Blind SSRF with out-of-band detection PRACTITIONER

What is the impact of blind SSRF vulnerabilities? APPRENTICE

How to find and exploit blind SSRF vulnerabilities APPRENTICE

Blind SSRF vulnerabilities APPRENTICE

How to find and exploit blind SSRF vulnerabilities - Continued APPRENTICE

Finding hidden attack surface for SSRF vulnerabilities 0 of 4

SSRF via the Referer header APPRENTICE

Finding hidden attack surface for SSRF vulnerabilities APPRENTICE

Partial URLs in requests APPRENTICE

URLs within data formats APPRENTICE