Server-Side Request Forgery (SSRF)- PortSwigger Labs

Lab: Basic SSRF against another back-end system

SSRF Attack Lifecycle

Lab: Basic SSRF against another back-end system

Objectives:

This lab has a stock check feature that fetches data from an internal system.

--

--

--

Security Researcher [RED&BLUE]

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Exploiting Software-ATTACK PATTERN — Part 2

Exploiting CSRF (GET Methods)

For anyone asking about 8.4% of token part. It’s airdrop and Bounty Campaign.

Fighting the Wave of B2B Check Fraud

The Planet’s Prestige — Blue Team Labs Online Walkthrough

Evaluating Popular Web Browsers in Terms of Security and Privacy

Konomi Network Has Passed Beosin Technology’s Comprehensive Security Audit

{UPDATE} Hero Generations Hack Free Resources Generator

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Michael Koczwara

Michael Koczwara

Security Researcher [RED&BLUE]

More from Medium

Server-Side Request Forgery (SSRF)- PortSwigger Labs

This Kibana Vulnerability can give you RCE in a snap | Kibana CVE-2019–7609

VulnHub Walkthrough’s : BOX 1

SQL injection UNION attack, finding a column containing text (walkthrough)