Here is a quick and easy way to test if an API endpoint is vulnerable to a Server Side Request Forgery (SSRF) attack. To do this, we can use a website called webhook.site to simulate a payload. What is SSRF? We want to test for SSRF whenever we come across an API endpoint that fetches... Continue reading The post Testing for SSRF in an API first appeared on Zero Day Hacker.
