server side request forgery Archives - Include Security Research Blog

Mitigating SSRF in 2023

March 22, 2023March 20, 2023 — Laurence Tennant

Server-Side Request Forgery (SSRF) is a vulnerability that allows an attacker to trick a server-side application to make a request to an unintended location. SSRF, unlike most other specific vulnerabilities, has gained its own spot on the OWASP Top 10 2021. This reflects both how common and how impactful this type of vulnerability has become. … Read more

Introducing: SafeURL – A set of SSRF Protection Libraries

February 18, 2021August 19, 2016 — Code by IncludeSec team, with contributions by our Intern Mohammad Al Amin

At Include Security, we believe that a reactive approach to security can fall short when it’s not backed by proactive roots. We see new offensive tools for pen-testing and vulnerability analysis being created and released all the time. In regards to SSRF vulnerabilities, we saw an opportunity to release code for developers to assist in … Read more