Learn about Server Side Request Forgery (SSRF) attacks in this 37-minute video from Bugcrowd University. Explore the OWASP definition, understand external and internal SSRF techniques, discover methods for bypassing blacklists, and examine real-world examples. Gain practical insights through a simple demo and access valuable resources for further study on this critical web security vulnerability.
Overview
Syllabus
Intro
Module Trainer
Module Outline
Introduction to SSRE
External SSRE - MAKING OUTBOUND CONNECTIONS TO A SERVER YOU CONTROL
External SSRF - Making an outbound connection
External SSRE- Making an external pingback
Internal SSRE - Parsing an AWS Metadata
Bypassing the Blacklists
Lab URL (simple demo)
Public Disclosure Sample
Resources and References
Taught by
Bugcrowd
Related Courses
-
OWASP Top 10: Server Side Request Forgery
-
OWASP Top 10 - A10:2021 - Server-Side Request Forgery (SSRF)
-
What is Server-Side Request Forgery - SSRF?
-
Piercing the Veil - Server Side Request Forgery Attacks on Internal Networks
-
Learning Server Side Request Forgery Basics Using Portswigger's Web Security Academy
-
Learn to Hack WebApps - SSRF (Server-Side Request Forgery)
