The includes my learnings in SSRF in the Server Side Attacks module of the CBBH path.
SSRF or Server Site Request Forgery involves user supplied malicious URLS in order to access remote resources. This is possible through a feature in the website that is vulnerable to ssrf in which the user can manipulate this request inorder to access certain resources, hidden information, and steal sensitive data.
There are two types of SSRF: Regular and Blind.
Regular is where you can see the feedback of the response to the web application. Blind is where the feedback is shown but can be implied through certain messages. A way to prevent SSRF is through input sanitization, access controls, and monitoring.
PREVIOUSFile Upload Attacks