Overview
Learn about Server Side Request Forgery (SSRF) attacks in this 37-minute video from Bugcrowd University. Explore the OWASP definition, understand external and internal SSRF techniques, discover methods for bypassing blacklists, and examine real-world examples. Gain practical insights through a simple demo and access valuable resources for further study on this critical web security vulnerability.
Syllabus
Intro
Module Trainer
Module Outline
Introduction to SSRE
External SSRE - MAKING OUTBOUND CONNECTIONS TO A SERVER YOU CONTROL
External SSRF - Making an outbound connection
External SSRE- Making an external pingback
Internal SSRE - Parsing an AWS Metadata
Bypassing the Blacklists
Lab URL (simple demo)
Public Disclosure Sample
Resources and References
Taught by
Bugcrowd