The State of Server-Side Request Forgery Risks in 2022
Author(s):
Harry Wilson, Head of Digital Marketing Department, Globex Outreach
Perhaps one of the best Black Hat talks in recent years was renowned web security researcher Orange Tsai’s presentation about bypassing Server-Side Request Forgery (SSRF) defenses. Together with his team, Tsai proposed a “very general attack approach” to discover numerous zero-days in built-in libraries of widely-used programming languages including Java, PHP, Python, Perl, JavaScript and … Read more