Michael Koczwara

Apr 18

3 min read

Server-Side Request Forgery (SSRF)- PortSwigger Labs

Lab: SSRF with blacklist-based input filter

SSRF Attack Lifecycle

Lab: SSRF with blacklist-based input filter

Objectives:

This lab has a stock check feature that fetches data from an internal system.

--

--

More from Michael Koczwara

Security Researcher [RED&BLUE]

Love podcasts or audiobooks? Learn on the go with our new app.

Try Knowable

Recommended from Medium

Adam Barcan

in

In the weeds

How to ship a Rails upgrade and not break everything

Cupom de Desconto Udemy

*CUPOM DE 100% DE DESCONTO* — Masterclass de Gerenciamento de Tempo e Produtividade — Beat…

Viona8

DisCas DAO

Mallikarjun Haralalli

OWN SERVER

Supratip Banerjee

in

Towards AWS

Deployment Architecture and Cloud

Supratip Banerjee

in

AWS in Plain English

Asynchronous Messaging Patterns for Microservices

Rpatech

How RPA Implementation is Different From Traditional Programming or Software Development

Jane Friedhoff

Where C# Meets CSS: Tech Tricks From An AR Lyrics Experiment

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Michael Koczwara

Michael Koczwara

Security Researcher [RED&BLUE]

More from Medium

Michael Koczwara

Server-Side Request Forgery (SSRF)- PortSwigger Labs

Hamit CİBO

My Pentest Log -7- (Horizontal/Vertical Privilege Escalation)

Rifqi Hilmy Zhafrant

in

System Weakness

Open Redirect via Sendgrid Email Misconfiguration

Mukilan Baskaran

Information Disclosure Bug

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable