In this video I demonstrate how a Server-Side Request Forgery (SSRF) attack works, including how a Cross-Site Port Attack (XSPA) looks like in Wireshark, and I also cover the installation of XVWA.

There's a lot to learn in this video if you look closely, as I cover a bit more than just the basics of SSRF.


Disclaimer: Explicit written permission should be obtained if you are going to test a system that you do not legally own. A lot of websites have a "bug bounty program" these days, which allow you to test websites of big companies, as long as you follow their pentest engagement rules. (Refer to e.g. HackerOne)


Special Thanks:
- Josh (First elite supporter!)


Tools:
- VMware (https://www.vmware.com/go/downloadplayer)
- Kali Linux (http://kali.org)
- XVWA (https://github.com/s4n7h0/xvwa)
- Google Docs Sheet: https://docs.google.com/document/d/1v...


Stay tuned and subscribe for upcoming video about various types of hacks!


Twitter: @CrazyDaneHacker
Facebook:   / crazydanishhacker  
Patreon:   / crazydanishhacker  
Website: https://www.crazydanishhacker.com/