OWASP Top 10: A10:2021-Server-Side Request Forgery (SSRF)

Skillsoft issued completion badges are earned based on viewing the percentage required or receiving a passing score when assessment is required. URLs are endpoints for web services that can be accessed remotely. Server-Side Request Forgery (SSRF) attacks target servers and result from attackers leveraging URLs and vulnerable web applications to access sensitive data. Cross-Site Request Forgery (CSRF) attacks target client devices and perform unauthorized actions using authenticated user sessions with web services. In this course, learn about SSRFs. Next, discover how to scan a network for HTTP hosts using Nmap, execute a Cross-Site Request Forgery (CSRF) attack, and run a Denial of Service (DoS) attack against a web server. Finally, practice mitigating controls for SSRFs. Upon completion, you'll be able to mitigate Cross-Site Request Forgery and Server-Side Request Forgery attacks.