Ashhad Aliashhadali.hashnode.dev·Jun 29, 2024Understanding and Preventing Server-Side Request Forgery (SSRF)Hey there! I recently dived deep into the fascinating yet complex world of Server-Side Request Forgery (SSRF), and I’m excited to share my findings with you. SSRF is a critical security vulnerability that can wreak havoc if not properly addressed. Le...Server-Side Request Forgery
Cloud Tunedcloudtuned.hashnode.dev·May 16, 2024Understanding Server-Side Request Forgery (SSRF)Understanding Server-Side Request Forgery (SSRF) Server-Side Request Forgery (SSRF) is a security vulnerability that occurs when an attacker is able to send unauthorized requests from a vulnerable server. This type of attack can lead to data leaks, s...ssrf
sicariusforDorki - Blogdorki.hashnode.dev·May 10, 2024How I Found A Full Read SSRF Leaking AWS EC2 Credentials Using Dorki.attaxa.comSSRF is a vulnerability when you force the webserver to execute requests against a resource that you can control. These types of vulnerabilities are most of the time very critical, especially when you can get the result of the call made by the server...1 like·3.2K readsssrf
Sourav Chakrabortydevsecopssourav.hashnode.dev·Apr 27, 2024From Metadata to Mayhem: Protecting AWS account from SSRF Attacks via IMDSV2Server-Side Request Forgery (SSRF) is a critical security vulnerability that allows attackers to manipulate a server into making unintended requests to internal or external systems. In this article, we explore the relationship between SSRF and the AW...ssrf
Oleksandr Lazarenkoalexlaer.hashnode.dev·Nov 22, 2023Node.js Security Unleashed: Your Ultimate Defense Guide (2/7)A Preface Nowadays, everyone acknowledges that there exists a plethora of possible attacks and exploits, each capable of employing diverse approaches to compromise a targeted system. Thankfully, a significant portion of them derives from the well-est...821 readsNode.js
Sibin SVsibinsv.hashnode.dev·Oct 11, 2023Unmasking SSRF Vulnerabilities: A Deep Dive into Our App's SecurityIn the ever-evolving landscape of application development, the intersection of user-friendliness and security often presents a complex challenge. Recently, we uncovered a notable security concern within a section of our application that allows users ...Security
Le Minh Nguyen0xdinot6121.hashnode.dev·Aug 18, 2023Simple, just enter URL, we will do all the things...Target: http://139.180.214.198:8080/ Kiểm tra thử web xem có gì không ? Đơn giản chỉ cần nhập URL và web sẽ làm một cái thứ gì đó. Kiếm một link dẫn tới một bức ảnh thử xem nó có gì thú vị ?Thử kiểm tra link này: https://encrypted-tbn0.gstatic.com/i...command injection
Rafael da Costa Santosrafa.hashnode.dev·Aug 17, 2023InfluxDB NoSQL InjectionIn this post, I'll share my experience of discovering a NoSQL Injection vulnerability in a Bug Bounty program in a non-popular database within the hacking community. During the initial discovery, I was expecting to find a good blog post or tool teach...1.9K readsInfluxDB
Cxnsxlecxnsxle.hashnode.dev·Jul 26, 2023SSRF VulnerabilityWhat is SSRF? Server-side request forgery (SSRF) is a web security vulnerability that allows us as attackers to induce the server-side application to make requests to an unintended location. In a typical SSRF attack, the attacker might cause the serv...1 like·26 readsssrf
Samir Ranjan Parhils-lrt.hashnode.dev·Jul 22, 2023Understanding Server-Side Request Forgery (SSRF)Introduction: In today's interconnected world, web applications rely on various external services to provide dynamic content and functionality. However, this dependence on external resources can also create security vulnerabilities, one of which is S...295 readsssrf
