SSRF

Oct 15, 2022  ·  9 min read

HackTheBox - Forge

Bypass SSRF filters using domain redirection and abusing Python PDB

OSCP-Like Linux SSRF Vhost
Oct 09, 2021  ·  11 min read

H@cktivitycon 2021 - Web

Another late CTF writeups for H@cktivitycon 2021 web category.

Default-Credentials SSRF Command-Injection CRLF
Aug 09, 2021  ·  10 min read

HackTheBox - Love

Basic things you can do with SSRF

Windows SSRF AlwaysInstallElevated Msi-Installer
May 15, 2021  ·  9 min read

HackTheBox - Ready

Turns SSRF to remote code execution and escape from a Docker container

Linux GitLab CVE-2018-19571 CVE-2018-19585
May 09, 2021  ·  9 min read

HackTheBox - Time

Exploiting an insecure deserialization on Jackson library and how to mitigate it

Linux Jackson Java SSRF