July 23, 2024

What is an SSRF?

Listen Later

5 minutes

SSRF is a web vulnerability that allows attackers to force servers into unauthorized HTTP requests. Exploited through input manipulation or web app vulnerabilities, it tricks servers into accessing URLs controlled by the attacker. This can result in data theft, unauthorized system access, or denial-of-service attacks. SSRF compromises sensitive info in cases where servers fetch data from internal APIs, putting security at risk. Its risk also includes internal systems that are not accessible via the Internet.

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

InfosecTrain

By InfosecTrain

5

22 ratings

July 23, 2024

What is an SSRF?

Listen Later

5 minutes

SSRF is a web vulnerability that allows attackers to force servers into unauthorized HTTP requests. Exploited through input manipulation or web app vulnerabilities, it tricks servers into accessing URLs controlled by the attacker. This can result in data theft, unauthorized system access, or denial-of-service attacks. SSRF compromises sensitive info in cases where servers fetch data from internal APIs, putting security at risk. Its risk also includes internal systems that are not accessible via the Internet.

...more

More shows like InfosecTrain

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

371 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,023 Listeners

Smashing Security by Graham Cluley

Smashing Security

322 Listeners

Professor Messer's Security+ Study Group by Professor Messer

Professor Messer's Security+ Study Group

138 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,013 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

174 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

189 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

202 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

73 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

137 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

170 Listeners

CISSP Cyber Training Podcast - CISSP Training Program by Shon Gerber, vCISO, CISSP, Cybersecurity Consultant and Entrepreneur

CISSP Cyber Training Podcast - CISSP Training Program

32 Listeners

Tech Career Blueprint Podcast | Presented By Master I.T. Zero To I.T. Hero by MASTER I.T.

Tech Career Blueprint Podcast | Presented By Master I.T. Zero To I.T. Hero

19 Listeners

CISM Central by Krishnakumar Mahadevan

CISM Central

0 Listeners

Decoded: The Cybersecurity Podcast by Edward Henriquez

Decoded: The Cybersecurity Podcast

4 Listeners