Published On Jun 11, 2018
In this video I demonstrate how a Server-Side Request Forgery (SSRF) attack works, including how a Cross-Site Port Attack (XSPA) looks like in Wireshark, and I also cover the installation of XVWA.
There's a lot to learn in this video if you look closely, as I cover a bit more than just the basics of SSRF.
Disclaimer: Explicit written permission should be obtained if you are going to test a system that you do not legally own. A lot of websites have a "bug bounty program" these days, which allow you to test websites of big companies, as long as you follow their pentest engagement rules. (Refer to e.g. HackerOne)
Special Thanks:
- Josh (First elite supporter!)
Tools:
- VMware (https://www.vmware.com/go/downloadplayer)
- Kali Linux (http://kali.org)
- XVWA (https://github.com/s4n7h0/xvwa)
- Google Docs Sheet: https://docs.google.com/document/d/1v...
Stay tuned and subscribe for upcoming video about various types of hacks!
Twitter: @CrazyDaneHacker
Facebook: / crazydanishhacker
Patreon: / crazydanishhacker
Website: https://www.crazydanishhacker.com/