YoVDO

Piercing the Veil - Server Side Request Forgery Attacks on Internal Networks

Offered By: Cooper via YouTube

Tags

Conference Talks Courses Cybersecurity Courses Network Security Courses Ethical Hacking Courses Server-Side Request Forgery (SSRF) Courses

Course Description

Overview

Explore the intricacies of Server Side Request Forgery (SSRF) attacks on internal networks in this 32-minute conference talk. Delve into ethical hacking through bug bounties and Vulnerability Disclosure Programs (VDPs), uncovering esoteric SSRF entry points and attack examples. Examine the dangers of internal services and learn how to exploit SSRF for both fun and profit. Gain insights into the background of initial research and discover how to exploit OAuth SSRF. Analyze key points of failure for the Department of Defense (DoD) and understand effective SSRF mitigation strategies. Conclude with a Q&A session to address any remaining questions on this critical cybersecurity topic.

Syllabus

Intro
Ethically hacking through Bug bounties and VDP
Esoteric SSRF Entry Points
Esoteric attack examples
Dangers of Internal Services
Exploiting SSRF for Fun and Profit
Background of the initial research
Exploiting the Oauth SSRF for fun
Key points of failure for the DoD
Mitigating SSRF
Questions?


Taught by

Cooper

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube