
Roundup: Interactive tutorial on leveraging SSRF
Ben Baumann
Aug. 23, 2019
Interactive tutorial shows how easy it can be to leverage SSRF - Oskar P
https://application.security
This simple interactive tutorial shows how someone leveraged a SSRF error to gain access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, and 80,000 bank account numbers. It leverages the AWS metadata endpoint to get access to S3 account credentials.