Overview
This course teaches learners how to ethically hack internal networks through Server Side Request Forgery (SSRF) attacks. The course covers various entry points and attack examples, the dangers of internal services, and how to exploit SSRF for different purposes. Learners will also understand the background of SSRF research, key points of failure for the Department of Defense, and ways to mitigate SSRF attacks. The teaching method involves practical examples and demonstrations. This course is intended for ethical hackers, bug bounty hunters, security professionals, and anyone interested in cybersecurity.
Syllabus
Intro
Ethically hacking through Bug bounties and VDP
Esoteric SSRF Entry Points
Esoteric attack examples
Dangers of Internal Services
Exploiting SSRF for Fun and Profit
Background of the initial research
Exploiting the Oauth SSRF for fun
Key points of failure for the DoD
Mitigating SSRF
Questions?
Taught by
Cooper