OWASP Top 10: A10:2021-Server-Side Request Forgery (SSRF)

OWASP 2022    |    Intermediate
  • 7 videos | 37m 13s
  • Includes Assessment
  • Earns a Badge
URLs are endpoints for web services that can be accessed remotely. Server-Side Request Forgery (SSRF) attacks target servers and result from attackers leveraging URLs and vulnerable web applications to access sensitive data. Cross-Site Request Forgery (CSRF) attacks target client devices and perform unauthorized actions using authenticated user sessions with web services. In this course, learn about SSRFs. Next, discover how to scan a network for HTTP hosts using Nmap, execute a Cross-Site Request Forgery (CSRF) attack, and run a Denial of Service (DoS) attack against a web server. Finally, practice mitigating controls for SSRFs. Upon completion, you'll be able to mitigate Cross-Site Request Forgery and Server-Side Request Forgery attacks.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
  • recognize how server-side request forgery (SSRF) attacks occur and how to mitigate against them
  • identify active network hosts and services using Nmap
  • execute a Cross-Site Request Forgery (CSRF) attack against a vulnerable web application
  • run a Denial of Service (DoS) attack against a vulnerable web application
  • implement controls to reduce the potential for server-side request forgery (SSRF) attacks
  • summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 10s
  • 9m 3s
  • 3.  Performing Network Mapping with Nmap
    7m 8s
  • 4.  Executing a Cross-site Request Forgery (CSRF) Attack
    5m 45s
  • 5.  Running a Denial of Service (DoS) Attack
    7m 21s
  • 6.  Reducing Server-Side Request Forgery (SSRF) Attacks
    6m 7s
  • 7.  Course Summary
    40s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft gives you the opportunity to earn a digital badge upon successful completion of some of our courses. The badge can be shared on any social network or business platform.

Digital badges are yours to keep, forever.