Server-Side Request Forgery (SSRF) – Exploitation And Defense Insights

In this section, we’ll explain what server-side request forgery is, describe some common examples, and explain how to find and exploit various kinds of SSRF vulnerabilities. What is SSRF? Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make requests to an …

VulnLab : A Web Vulnerability Lab Project

VulnLab is a web vulnerability lab project developed by Yavuzlar. Vulnerabilities: SQL Injection, Cross Site Scripting (XSS), Command Injection, Insecure Direct Object References (IDOR), Cross Site Request Forgery (CSRF), XML External Entity (XXE), Insecure Deserialization, File Upload, File Inclusion, Broken Authentication. Installation: Install with DockerHub. If you want to install on DockerHub, just type this …

Vulmap : Web Vulnerability Scanning & Verification Tools

Vulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, CMS and other Web programs, and it also has vulnerability exploitation functions. Relevant testers can use vulmap to detect whether the target has a specific vulnerability, and can use the vulnerability exploitation function to verify whether the vulnerability …