2021-09-18 15:23:47
Want to learn SSRF? save this thread Fire
Blogs:
https://portswigger.net/web-security/ssrf
https://book.hacktricks.xyz/pentesting-web/ssrf-server-side-request-forgery
https://cobalt.io/blog/a-pentesters-guide-to-server-side-request-forgery-ssrf
https://payatu.com/blog/arjuns/a-basic-approach-to-ssrf
https://opensourceagenda.com/projects/allthingsssrf
https://neuralegion.com/blog/ssrf-server-side-request-forgery/
https://trustwave.com/en-us/resources/blogs/spiderlabs-blog/from-ssrf-to-compromise-case-study/
https://0xn3va.gitbook.io/cheat-sheets/web-application/server-side-request-forgery
CheatSheets:
https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Request%20Forgery
https://github.com/jdonsec/AllThingsSSRF
https://www.hahwul.com/phoenix/ssrf-open-redirect/
https://0xn3va.gitbook.io/cheat-sheets/web-application/server-side-request-forgery
https://highon.coffee/blog/ssrf-cheat-sheet/
https://book.hacktricks.xyz/pentesting-web/ssrf-server-side-request-forgery
https://cheatsheet.haax.fr/web-pentest/injections/server-side-injections/ssrf/
Free Labs to practice:
https://github.com/jdonsec/AllThingsSSRF
https://github.com/incredibleindishell/SSRF_Vulnerable_Lab
https://github.com/m6a-UdS/dvca
147 views12:23