OWASP Top 10: A10:2021-Server-Side Request Forgery (SSRF)

OWASP 2022    |    Intermediate
  • 7 Videos | 37m 13s
  • Includes Assessment
  • Earns a Badge
URLs are endpoints for web services that can be accessed remotely. Server-Side Request Forgery (SSRF) attacks target servers and result from attackers leveraging URLs and vulnerable web applications to access sensitive data. Cross-Site Request Forgery (CSRF) attacks target client devices and perform unauthorized actions using authenticated user sessions with web services. In this course, learn about SSRFs. Next, discover how to scan a network for HTTP hosts using Nmap, execute a Cross-Site Request Forgery (CSRF) attack, and run a Denial of Service (DoS) attack against a web server. Finally, practice mitigating controls for SSRFs. Upon completion, you'll be able to mitigate Cross-Site Request Forgery and Server-Side Request Forgery attacks.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    recognize how server-side request forgery (SSRF) attacks occur and how to mitigate against them
    identify active network hosts and services using Nmap
    execute a Cross-Site Request Forgery (CSRF) attack against a vulnerable web application
  • run a Denial of Service (DoS) attack against a vulnerable web application
    implement controls to reduce the potential for server-side request forgery (SSRF) attacks
    summarize the key concepts covered in this course

IN THIS COURSE

  • Playable
    1. 
    Course Overview
    1m 10s
    UP NEXT
  • Playable
    2. 
    Server-Side Request Forgery (SSRF) Attacks
    9m 3s
  • Locked
    3. 
    Performing Network Mapping with Nmap
    7m 8s
  • Locked
    4. 
    Executing a Cross-site Request Forgery (CSRF) Attack
    5m 45s
  • Locked
    5. 
    Running a Denial of Service (DoS) Attack
    7m 21s
  • Locked
    6. 
    Reducing Server-Side Request Forgery (SSRF) Attacks
    6m 7s
  • Locked
    7. 
    Course Summary
    40s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.