heisenbug Heisenbug 2019 SPb (17.05.2019 — 18.05.2019)

Wrong request


All that Denis knows about SSRF and considers interesting. The auditor’s experience.

SSRF (Server-Side Request Forgery) is considered one of the most critical vulnerabilities in modern web applications. We’ll talk about how to configure your environment to easily detect vulnerabilities causing SSRF, which scenarios you should consider in order to cover most checks and increase your chances of detecting the vulnerability.

We’ll also discuss: