Server-Side Request Forgery (SSRF)- PortSwigger Labs

Lab: Basic SSRF against the local server

SSRF Attack Lifecycle

Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make requests to an unintended location.

In a typical SSRF attack, the attacker might cause the server to make a connection to…