Interactive tutorial shows how easy it can be to leverage SSRF - Oskar P

This simple interactive tutorial shows how someone leveraged a SSRF error to gain access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, and 80,000 bank account numbers. It leverages the AWS metadata endpoint to get access to S3 account credentials.

Written by Ben Baumann