This course explains how software developers and testers can determine if their web applications are vulnerable to A10:2021 Server-Side Request Forgery (SSRF), as defined by the Open Web Application Security Project (OWASP).
On successful completion of this course, learners should have the knowledge and skills required to:
- Define and identify Server Side Request Forgery—or SSRF—vulnerabilities
- Recognize user input potentially exploitable for executing SSRF attacks
- Exploit SSRF vulnerabilities, mapping normally unreachable networks
- Understand how to bypass detection and validation code
- Gain access to cloud metadata