OWASP Top 10: A10:2021-Server-Side Request Forgery (SSRF)
OWASP 2022
| Intermediate
- 7 Videos | 37m 13s
- Includes Assessment
- Earns a Badge
URLs are endpoints for web services that can be accessed remotely. Server-Side Request Forgery (SSRF) attacks target servers and result from attackers leveraging URLs and vulnerable web applications to access sensitive data. Cross-Site Request Forgery (CSRF) attacks target client devices and perform unauthorized actions using authenticated user sessions with web services. In this course, learn about SSRFs. Next, discover how to scan a network for HTTP hosts using Nmap, execute a Cross-Site Request Forgery (CSRF) attack, and run a Denial of Service (DoS) attack against a web server. Finally, practice mitigating controls for SSRFs. Upon completion, you'll be able to mitigate Cross-Site Request Forgery and Server-Side Request Forgery attacks.
WHAT YOU WILL LEARN
-
discover the key concepts covered in this course
recognize how server-side request forgery (SSRF) attacks occur and how to mitigate against them
identify active network hosts and services using Nmap
execute a Cross-Site Request Forgery (CSRF) attack against a vulnerable web application -
run a Denial of Service (DoS) attack against a vulnerable web application
implement controls to reduce the potential for server-side request forgery (SSRF) attacks
summarize the key concepts covered in this course
IN THIS COURSE
-
1.Course Overview1m 10sUP NEXT
-
2.Server-Side Request Forgery (SSRF) Attacks9m 3s
-
3.Performing Network Mapping with Nmap7m 8s
-
4.Executing a Cross-site Request Forgery (CSRF) Attack5m 45s
-
5.Running a Denial of Service (DoS) Attack7m 21s
-
6.Reducing Server-Side Request Forgery (SSRF) Attacks6m 7s
-
7.Course Summary40s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform
Digital badges are yours to keep, forever.
