Tag feed

#ssrf

39 posts6 followers

Explore Hashnode

Alternatives

Trending tags this week

RDRidam Darjitheawsautopsy.hashnode.devMay 6 · 10 min read

🔪 The AWS Autopsy | Case #01 — SSRF to IAM Credential Theft - Capital-One

How One Misconfigured WAF Cost Capital One $80 Million Series: The AWS Autopsy — Real Cloud Breaches, Dissected Difficulty: Intermediate Lab Time: ~45 minutes AWS Cost: Near zero (t2.micro — free tie

0

JJebitoksharonjebitok.comMay 6 · 14 min read

Plant Photographer (TryHackMe)

Plant Photographer is a TryHackMe challenge built around a botanist's personal portfolio website running on Werkzeug/Python. The box covers three main vulnerability classes: SSRF (Server-Side Request

0

KEkingsley ebube onohkingsleyonoh.hashnode.devApr 18 · 7 min read

I Spent a Week Securing Webhook Ingestion. The Real Attack Surface Was Delivery.

I ran the security review two weeks after the first deployment. The ingestion side looked solid: HMAC signature verification using crypto.timingSafeEqual, rate limiting at 1,000 requests per minute, payload size capped at 1MB, idempotency deduplicati...

0

EEibeib.hashnode.devApr 6 · 8 min read

Crafting a Full Read SSRF: A Journey Through Oauth DCR, Open URL Redirects, and Path Normalization

The Bug This blog post outlines the chains of multiple gadgets to achieve a full read ssrf on a target. Open Dynamic client registration on the MCP server to create an open redirect gadget Path norm

0

JJebitoksharonjebitok.comMar 7 · 12 min read

Message to Garcia (TryHackMe)

Introduction In 1899, Elbert Hubbard wrote a short essay that would outlive him by over a century. It told the story of Lt. Andrew Rowan, a soldier given one mission: deliver a message to General Garc

0

EEibeib.hashnode.devFeb 7 · 6 min read

Full Read SSRF in a PDF generation feature to read data from Internal domains

The Bug The bug is a server-side request forgery vulnerability in a PDF generation feature that enabled me to read data from internal domains that are not publicly reachable The Journey I’ve been working on this application for three months now, and ...

0

ASAmirmohammad Safariblog.voorivex.teamFeb 3 · 14 min read

Shaking the MCP Tree: A Security Deep Dive

AI is moving fast. Companies are racing to connect their services to AI assistants, shipping integrations as quickly as possible to stay ahead. But when speed is the priority, security often gets left behind. In this post, I'll show you what happens ...

0

JJebitoksharonjebitok.comJan 30 · 4 min read

Surfer - SSRF (TryHackMe)

Introduction: Web app with hidden internal pages. The challenge mentions an SSRF vulnerability. Goal: Access restricted admin functionality. What You Did: Login with default creds (admin/admin) Found export2pdf.php endpoint that accepts URLs Explo...

0

BBBold BI by Syncfusionboldbi.hashnode.devJan 28 · 4 min read

Bolstering Security: Configuring Domains to Ward Off SSRF

In today’s interconnected digital landscape, web application security is paramountly important. Server-Side Request Forgery threatens web application integrity and confidentiality. This draft explains configuring known domains to mitigate SSRF risks ...

0

MSmaulik srivastavapub.nexttechlabap.inJan 22 · 12 min read

Deconstructing SSRF+SSTI vulns to gain RCE in a Message Broker environment

Description: Rabbit Store is medium level machine from tryhackme to test your basic web testing skills and Linux basics. it can be conquered if u have understanding of SSRF and SSTI vulnerabilities to achieve RCE gain access to shell. Therefore, retr...

0

#ssrf

Search Hashnode

#ssrf

Explore Hashnode

Trending tags this week

🔪 The AWS Autopsy | Case #01 — SSRF to IAM Credential Theft - Capital-One

Plant Photographer (TryHackMe)

I Spent a Week Securing Webhook Ingestion. The Real Attack Surface Was Delivery.

Crafting a Full Read SSRF: A Journey Through Oauth DCR, Open URL Redirects, and Path Normalization

Message to Garcia (TryHackMe)

Full Read SSRF in a PDF generation feature to read data from Internal domains

Shaking the MCP Tree: A Security Deep Dive

Surfer - SSRF (TryHackMe)

Bolstering Security: Configuring Domains to Ward Off SSRF

Deconstructing SSRF+SSTI vulns to gain RCE in a Message Broker environment