An attacker uses server functionality to access or modify resources in a Server-Side Request Forgery (SSRF) attack. The attacker goes after an application that allows users to import data from URLs or read data from URLs.
Whitelisting the hostname (DNS name) or IP address that your application needs to access is the most reliable approach to eliminate server-side request forgery (SSRF). If you can't utilise a whitelist and must rely on a blacklist, it's critical to properly validate user input.
The target application may have the ability to import data from a URL, publish data to a URL, or read data from a URL that has been tampered with. The attacker alters the calls to this feature by using a different URL or changing the way URLs are constructed (path traversal etc.).
The user is the target of a CSRF attack. While it was successful in exploiting holes in the website's design, the goal was to perform legitimate but unauthorised operations on the user's web-based service account. SSRF, on the other hand, is primarily designed to attack the server.
Server side request forgery is a type of attack that exploits the trust relationship between the browser and the server. The attacker submits a form to the server, but instead of submitting it to the intended destination, they submit it to another website.
Learner's Ratings
4.6
Overall Rating
82%
6%
5%
1%
6%
Reviews
J
Jayesh olivkar
5
how can i view and download notes??
A
Ankit Saini
5
very very nice course
M
MD MOFAKKERUL ISLAM
5
I am at the beginning of the course, still finding no issue to complain about, but I'll find it helpful if all courses are taught in English although I have no problem with Hindi.
A
Aditya Dhengare
5
how can i download notes
M
Muskn Khan
5
yes
M
Md Momin
5
বাংলা ভাষা কোর্স দিন
R
RIDHAM BHAVNAGARIYA
5
This Is one of the best course. even this is better then paid course. I need notes for that so where i get it.
V
VANSH Ganganiya
5
Sir your explaining is very best than a teacher or profeser. I am noticing that you not left a single thing that we not understand💓
D
DEEPAK KING 7813
5
THANKS SIR JI
S
Salman Zaheer
5
After this course who hacked social media account.
Show More
Recommended Courses
Cyber Forensics Masterclass with Hands on learning
Share a personalized message with your friends.