Blog / Roundup: Interactive tutorial on leveraging SSRF

August 23, 2019

Interactive tutorial shows how easy it can be to leverage SSRF - Oskar P

https://application.security

This simple interactive tutorial shows how someone leveraged a SSRF error to gain access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, and 80,000 bank account numbers. It leverages the AWS metadata endpoint to get access to S3 account credentials.