SSRF
Server Side Request Forgery (SSRF)
Query string (hidden) parameters indicating SSRF
?dest={target}
?redirect={target}
?uri={target}
?path={target}
?continue={target}
?url={target}
?window={target}
?next={target}
?data={target}
?reference={target}
?site={target}
Explore POST data JSON properties as well. Especially for API integration functionalities.
Bypass input validation filters with
use IP converters
Last updated
Was this helpful?