Exploiting XXE for SSRF

Retrieving IAM credentials of an EC2 instance using XXE and SSRF

Server-Side Request Forgery (SSRF): SSRF is an attack in which an attacker forces a vulnerable server to send malicious requests to third-party servers and/or to internal resources.

For more on SSRF and its exploitation, check my previous blog:


Security enthusiast working to secure web for others.

Gupta Bless
