OWASP Top 10: A10:2021-Server-Side Request Forgery (SSRF)
OWASP 2022
| Intermediate
- 7 videos | 37m 13s
- Includes Assessment
- Earns a Badge
URLs are endpoints for web services that can be accessed remotely. Server-Side Request Forgery (SSRF) attacks target servers and result from attackers leveraging URLs and vulnerable web applications to access sensitive data. Cross-Site Request Forgery (CSRF) attacks target client devices and perform unauthorized actions using authenticated user sessions with web services. In this course, learn about SSRFs. Next, discover how to scan a network for HTTP hosts using Nmap, execute a Cross-Site Request Forgery (CSRF) attack, and run a Denial of Service (DoS) attack against a web server. Finally, practice mitigating controls for SSRFs. Upon completion, you'll be able to mitigate Cross-Site Request Forgery and Server-Side Request Forgery attacks.
WHAT YOU WILL LEARN
-
discover the key concepts covered in this course
recognize how server-side request forgery (SSRF) attacks occur and how to mitigate against them
identify active network hosts and services using Nmap
execute a Cross-Site Request Forgery (CSRF) attack against a vulnerable web application -
run a Denial of Service (DoS) attack against a vulnerable web application
implement controls to reduce the potential for server-side request forgery (SSRF) attacks
summarize the key concepts covered in this course
IN THIS COURSE
-
1m 10s
-
9m 3s
-
3. Performing Network Mapping with Nmap7m 8s
-
4. Executing a Cross-site Request Forgery (CSRF) Attack5m 45s
-
5. Running a Denial of Service (DoS) Attack7m 21s
-
6. Reducing Server-Side Request Forgery (SSRF) Attacks6m 7s
-
7. Course Summary40s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.
