• Online, Self-Paced
Course Description

URLs are endpoints for web services that can be accessed remotely. Server-Side Request Forgery (SSRF) attacks target servers and result from attackers leveraging URLs and vulnerable web applications to access sensitive data. Cross-Site Request Forgery (CSRF) attacks target client devices and perform unauthorized actions using authenticated user sessions with web services.

In this course, learn about SSRFs. Next, discover how to scan a network for HTTP hosts using Nmap, execute a Cross-Site Request Forgery (CSRF) attack, and run a Denial of Service (DoS) attack against a web server. Finally, practice mitigating controls for SSRFs.

Upon completion, you'll be able to mitigate Cross-Site Request Forgery and Server-Side Request Forgery attacks.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Analysis
  • Cybersecurity Management
  • Vulnerability Assessment and Management