Blind SSRF with out-of-band detection
Introduction This is our 5th article on Blind SSRF. In this lab, we will be solving the Blind SSRF with out-of-band detection lab. It is provided by PortSwigger Web Security…
Blind SSRF with Shell Shock Exploitation
Introduction In this article, we are going to solve the Blind SSRF with Shell Shock Exploitation lab. This is our 7th lab or 6th article on server-side request forgery. Lab…
SSRF with whitelist-based input filter | Web Security
Introduction In this article, we are going to solve the SSRF with whitelist-based input filter lab. This is part 6 of the SSRF series and the labs we are practicing…
Basic SSRF against another back-end system | Website Security
Lab Description Today, we will solve a lab that is about basic SSRF against another back-end system. The lab has a stock check feature that fetches data from the internal…
SSRF filter bypass via open redirection vulnerability
Lab Description So, today we will be solving the 4th lab of SSRF filter bypass via open redirection vulnerability. This lab has a stock check feature that fetches data from…
SSRF with blacklist-based input filter | Web Security
Introduction The article covers SSRF with blacklist-based input filter. In this lab, we will use various techniques to solve it. The developer has set up security defenses in the lab…
Gaining Access through Server-side Request Forgery
Introduction Server-side request forgery (SSRF) is a vulnerability found in websites and web applications. This vulnerability allows an attacker to trick a website into sending requests to another server on…