OWASP Top 10: A10:2021-Server-Side Request Forgery (SSRF)

URLs are endpoints for web services that can be accessed remotely. Server-Side Request Forgery (SSRF) attacks target servers and result from attackers leveraging URLs and vulnerable web applications to access sensitive data. Cross-Site Request Forgery (CSRF) attacks target client devices and perform unauthorized actions using authenticated user sessions with web services. In this course, learn about SSRFs. Next, discover how to scan a network for HTTP hosts using Nmap, execute a Cross-Site Request Forgery (CSRF) attack, and run a Denial of Service (DoS) attack against a web server. Finally, practice mitigating controls for SSRFs. Upon completion, you'll be able to mitigate Cross-Site Request Forgery and Server-Side Request Forgery attacks.