About 51 results
Open links in new tab
  1. portswigger.net
    https://portswigger.net › web-security › ssrf

    Server-side request forgery (SSRF) - PortSwigger

    What is SSRF? Server-side request forgery is a web security vulnerability that allows an attacker to cause the server-side application to make requests to an unintended location. In a typical SSRF …

  2. portswigger.net
    https://portswigger.net › web-security › learning-paths › ssrf-attacks

    Server-side request forgery (SSRF) attacks - PortSwigger

    Server-side request forgery (SSRF) attacks This learning path teaches you about server-side request forgery (SSRF). You'll learn about its impact, common techniques used in attacks, and how to defend …

  3. portswigger.net
    https://portswigger.net › burp › documentation › desktop › testing-workflow › v…

    Testing for SSRF with Burp Suite - PortSwigger

    Mar 18, 2026 · Server-side request forgery (SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make requests to an unintended location. SSRF …

  4. portswigger.net
    https://portswigger.net › web-security › ssrf › blind

    Blind SSRF vulnerabilities | Web Security Academy - PortSwigger

    Blind SSRF vulnerabilities In this section, we'll explain what blind server-side request forgery is, describe some common blind SSRF examples, and explain how to find and exploit blind SSRF vulnerabilities. …

  5. portswigger.net
    https://portswigger.net › burp › documentation › desktop › testing-workflow › v…

    Testing for SSRF vulnerabilities with Burp Suite - PortSwigger

    Mar 18, 2026 · Server-side request forgery (SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make requests to an unintended location.

  6. portswigger.net
    https://portswigger.net › web-security › ssrf › lab-basic-ssrf-against-localhost

    Lab: Basic SSRF against the local server - PortSwigger

    Server Side Request Forgery - SSRF. What is it? How does it work? Basic SSRF against local server. - YouTube Server Side Request Forgery - SSRF. What is it? How does it work? Basic SSRF against …

  7. portswigger.net
    https://portswigger.net › web-security › learning-paths › csrf

    Cross-site request forgery (CSRF) - PortSwigger

    Cross-site request forgery (CSRF) This learning path covers CSRF (Cross-Site Request Forgery). You'll learn about some common CSRF vulnerabilities, and how to prevent them.

  8. portswigger.net
    https://portswigger.net › web-security › learning-paths › server-side-vulnerabili…

    Server-side vulnerabilities - PortSwigger

    Server-side request forgery (SSRF) SSRF vulnerabilities enable an attacker to trigger malicious server-to-server requests to unintended URLs. As the server issuing the request is likely to have a strong …

  9. portswigger.net
    https://portswigger.net › web-security › csrf › xss-vs-csrf

    XSS vs CSRF | Web Security Academy - PortSwigger

    XSS vs CSRF In this section, we'll explain the differences between XSS and CSRF, and discuss whether CSRF tokens can help to prevent XSS attacks. What is the difference between XSS and …

  10. portswigger.net
    https://portswigger.net › web-security › ssrf › url-validation-bypass-cheat-sheet

    URL validation bypass cheat sheet - PortSwigger

    URL validation bypass cheat sheet This cheat sheet contains payloads for bypassing URL validation. These wordlists are useful for attacks such as server-side request forgery, CORS misconfigurations, …

Content was generated with AI. Learn more