Bro it would be helpful if you increase the volume in the video. Someone surfing RU-vid over mobile for good cybersecurity content would easily bypass this video b/c even at full volume I am not able to listen it.
If there is an SSRF issue and if target is restricted to do internal ip scanning then you can use dns rebinding to bypass the restrictions. Even if they restricted aws metadata ip address also you can bypass it using dns rebinding.
In this bypass no need to change company settings, just bind two ip addresses(one is not restricted ip address like google ip and other is restricted ip address like localhost) for the same domain and pass the domain as a user input. For binding two ips to same domain you can use the dns rebinder service that i shown in the video.