Understanding CSRF and SSRF Attacks (Demo and Examples)

Автор: Snyk

Загружено: 2024-10-28

Просмотров: 5337

Описание:

In this video, we examine two critical web security vulnerabilities: CSRF (Cross-Site Request Forgery) and SSRF (Server-Side Request Forgery). Learn about each attack, how it differs, and why it poses serious risks to web applications.

Use Snyk for free to find and fix security issues in your applications today! https://snyk.co/ugLYn

✍️ Resources ✍️
CSRF blog: https://snyk.co/csrf-blog
SSRF blog: https://snyk.co/ssrf-blog
Web Dev Cody: ‪@WebDevCody‬
Web Dev Cody - SSRF Video:    • This is why you can't blindly use AI

⏲️ Chapters ⏲️
00:00 - Intro
00:37 - CSRF Explained
02:34 - SSRF Explained
04:37 - What's the difference?
05:08 - CSRF live demo
10:14 - How to protect against CSRF
10:39 - SSRF live demo
13:46 - How to prevent SSRF attacks
14:23 - Outro

⚒️ About Snyk ⚒️

Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

Learn more about Snyk: https://snyk.co/ugLYl

📱 Connect with Us 📱

🖥️ Website: https://snyk.co/ugLYl
🐦 X:   / snyksec
💼 LinkedIn:   / snyk
💬 Discord:   / discord
▶️ Subscribe: https://www.youtube.com/c/SnykSec?sub...
🔥 We're hiring! Check our open roles: https://snyk.co/ugLYp

🔗 Hashtags 🔗

#DevSecOps #appsec #csrf

Understanding CSRF and SSRF Attacks (Demo and Examples)

Доступные форматы для скачивания:

Скачать видео mp4

Информация по загрузке:

Скачать аудио mp3

Похожие видео

Cross-Site Request Forgery (CSRF) | Complete Guide

Cross-Site Request Forgery (CSRF) | Complete Guide

Application Security 101: A Simple Guide

Application Security 101: A Simple Guide

Опасности CSRF-атак и способы их предотвращения в приложении Spring Boot

Опасности CSRF-атак и способы их предотвращения в приложении Spring Boot

Демонстрация Snyk за 20 минут | 2022

Демонстрация Snyk за 20 минут | 2022

Application Security 101 - What you need to know in 8 minutes

Application Security 101 - What you need to know in 8 minutes

Server-Side Request Forgery (SSRF) Explained

Server-Side Request Forgery (SSRF) Explained

TryHackMe SSRF — полное прохождение 2025

TryHackMe SSRF — полное прохождение 2025

Your App Is NOT Secure If You Don’t Use CSRF Tokens

Your App Is NOT Secure If You Don’t Use CSRF Tokens

Подделка запросов на стороне сервера (SSRF) | Демонстрация

Подделка запросов на стороне сервера (SSRF) | Демонстрация

Cross Site Request Forgery - Computerphile

Cross Site Request Forgery - Computerphile

Why You Should be AFRAID of PDF Files - PDF.js CVE-2024-4367

Why You Should be AFRAID of PDF Files - PDF.js CVE-2024-4367

Cross Site Request Forgery vs Server Side Request Forgery Explained

Cross Site Request Forgery vs Server Side Request Forgery Explained

Cross-Site Scripting: A 25-Year Threat That Is Still Going Strong

Cross-Site Scripting: A 25-Year Threat That Is Still Going Strong

API Security Explained: Rate Limiting, CORS, SQL Injection, CSRF, XSS & More

API Security Explained: Rate Limiting, CORS, SQL Injection, CSRF, XSS & More

Bug Bounty Tip | Do This Exercise Every Day to Get Better at Finding XSS Bugs!

Bug Bounty Tip | Do This Exercise Every Day to Get Better at Finding XSS Bugs!

How I Discovered a CRITICAL Vulnerability in Grafana | Chaining XSS & SSRF | CVE-2025-4123

How I Discovered a CRITICAL Vulnerability in Grafana | Chaining XSS & SSRF | CVE-2025-4123

Пентестинг веб-приложений — HTTP-заголовки и методы

Пентестинг веб-приложений — HTTP-заголовки и методы

Подделка запросов на стороне сервера (SSRF) | Полное руководство

Подделка запросов на стороне сервера (SSRF) | Полное руководство

OSINT для новичков: найдите всё о юзернейме и фото с Sherlock и Google Dorks!

OSINT для новичков: найдите всё о юзернейме и фото с Sherlock и Google Dorks!

CSRF - how to find it in 2024? CSRF bug bounty case study

CSRF - how to find it in 2024? CSRF bug bounty case study