In this video, we cover the theory behind Server-Side Request Forgery (SSRF) vulnerabilities, how to find these types of vulnerabilities from both a white box and black box perspective, how to exploit them and how to prevent them.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: bit.ly/30LWAtE
▬ 📖 Contents of this video 📖 ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
00:30 - Web Security Academy Course (bit.ly/30LWAtE)
01:42 - Agenda
02:36 - What is a SSRF vulnerability?
18:13 - How to find SSRF vulnerabilities?
26:50 - How to exploit SSRF vulnerabilities?
41:23 - How to prevent SSRF vulnerabilities?
45:42 - Resources
46:42 - Thank You
▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
Video slides: github.com/rkhal101/Web-Secur...
Web Security Academy: portswigger.net/web-security/...
OWASP - SSRF: owasp.org/www-community/attac...
Server-Side Request Forgery Prevention Cheat Sheet: cheatsheetseries.owasp.org/ch...
SSRF Bible Cheat Sheet: cheatsheetseries.owasp.org/as...
Preventing Server-Side Request Forgery Attacks: seclab.nu/static/publications...
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!: www.blackhat.com/docs/us-17/t...
Rana's Twitter account: / rana__khalil
Hacker Icons made by Freepik: www.freepik.com
3 июл 2024