Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Server-Side Request Forgery (SSRF)
Introduction
Course Introduction (2:26)
Course Slides and Scripts
Getting Help
Answering Your Questions (3:11)
Join the Discord Server
SSRF - Technical Deep Dive
Agenda (0:52)
What is SSRF (15:37)
How to Find SSRF Vulnerabilities (8:36)
How to Exploit SSRF Vulnerabilities (14:33)
How to Prevent SSRF Vulnerabilities (4:17)
Additional Resources (0:58)
Lab Environment Setup
Lab Environment Setup (7:21)
Step-by-Step Guide
Hands-On SSRF Labs
Lab #1 Basic SSRF against the local server (21:31)
Lab #2 Basic SSRF against another back-end system (26:53)
Lab #3 SSRF with blacklist-based input filter (20:08)
Lab #4 SSRF with whitelist-based input filter (21:04)
Lab #5 SSRF with filter bypass via open redirection vulnerability (18:36)
Note - Changes to Burp Collaborator
Lab #6 Blind SSRF with out-of-band detection (6:01)
Lab #7 Blind SSRF with Shellshock exploitation (12:41)
Thank You!
Thank You!
Lab #5 SSRF with filter bypass via open redirection vulnerability
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock