Previous Lecture Complete and continue  

  Injection Fundamentals: What Is SSRF?

Note: For the exercises, the course directory has changed! It's now https://github.com/SecuringTheStack/tutorials/tree...

Assignment Command: EX_NUM=1 docker-compose up

Answer Command: EX_NUM=2 docker-compose up

Injection Fundamentals: What Is SSRF?

Table Of Contents

Intro

Inject The Curl Context (Assignment Prep)

Inject The Curl Context (Assignment)

Inject The Curl Context (Answer)

Server Side Request Forgery (SSRF)

Semantic Injection

AWS EC2 Metadata SSRF

AWS EC2 Metadata SSRF (Takeaways)

New Relic Webhook Blind SSRF

Blind Injection

Course Takeaways

Next Steps

Error Log

Additional Resources

Referenced In Tutorial

General

Java

Javascript

Ruby

PHP

Python

Knowledge Dependency Tree

Discussion
0 comments