
research.securitum.com

securitum.com vulnerabilities researches and cyber security education publications

Tag: SSRF

What is the SSRF vulnerability (Server Side Request Forgery)?

Michał Bentkowski | July 18, 2016 / September 30, 2019 | Education

Many web applications allow you to upload your own file to the server by providing a URL, from which the file is automatically downloaded to the server. In this article, we will discuss what problems may arise from such a solution. The article will be based on a simple functionality in the …
