Using DNS To Bypass SSRF Protections
On a recent web application penetration test, I identified a classic server-side request forgery (SSRF) vulnerability that used a Denylist in an attempt to prevent active exploitation. This post details […]
On a recent web application penetration test, I identified a classic server-side request forgery (SSRF) vulnerability that used a Denylist in an attempt to prevent active exploitation. This post details […]