
What is SSRF (Server-side request forgery)? Tutorial & Examples
In an SSRF attack against the server, the attacker causes the application to make an HTTP request back to the server that is hosting the application, via its loopback network interface.
Server-side request forgery (SSRF) attacks - PortSwigger
This learning path teaches you about server-side request forgery (SSRF). You'll learn about its impact, common techniques used in attacks, and how to defend against them.
How to identify and exploit HTTP Host header vulnerabilities
It is sometimes also possible to use the Host header to launch high-impact, routing-based SSRF attacks. These are sometimes known as "Host header SSRF attacks", and were explored in …
Portable Data exFiltration: XSS for PDFs - PortSwigger
Dec 10, 2020 · I've successfully crafted an injection that can perform an SSRF attack on a PDF rendered server-side. I've also managed to read the contents of files from the same domain, …
What is a blind XXE attack? Tutorial & Examples - PortSwigger
You can often detect blind XXE using the same technique as for XXE SSRF attacks but triggering the out-of-band network interaction to a system that you control.
Java RMI services often vulnerable to SSRF attacks – research
Jan 6, 2022 · Java RMI services can be attacked through server-side request forgery (SSRF) attacks, according to a detailed analysis of the problem by security researcher Tobias Neitzel.
Example Collaborator-based check - PortSwigger
Jun 3, 2025 · This BCheck enables Burp Scanner to use Burp Collaborator to check for SSRF. The check works by sending a request containing a Burp Collaborator interaction ID in the …
Listen to the whispers: web timing attacks that actually work
Aug 7, 2024 · The single biggest breakthrough in this research was when I realized I could use timing to detect a widely overlooked type of SSRF. Back in 2017, I researched techniques to …
AutoRepeater - PortSwigger
Jun 6, 2023 · This extension automatically repeats requests, with replacement rules and response diffing. It provides a general-purpose solution for streamlining authorization testing within web …