We start this test by manually checking whether your web application lets a user make the server fetch an asset from an external resource, for example through webhooks, third-party integrations or PDF generators, and then look for server-side request forgery (SSRF): a flaw that lets an attacker modify, extract or publish data by controlling a URL that the server itself requests.
We look for this vulnerability wherever your web application can import data from a URL, publish data to a URL or read data from a URL, because any such input can be manipulated to change the requests the server performs.
Exploited, SSRF lets an attacker reach hosts that are not exposed to the internet, such as internal services, administrative interfaces and cloud metadata endpoints, and where the server supports schemes like file:// it can also read files on the server. The consequences range from data exposure and internal reconnaissance to Denial-of-Service (DoS) and, when an internal service can be driven into executing input, Remote Code Execution (RCE).
We test for both basic SSRF and blind SSRF.
With basic SSRF the response to the forged request is returned to the attacker, so we check whether the application can be made to fetch and return data from internal or otherwise unreachable servers. With blind SSRF the response is not returned, so we instead check whether the web application can be induced to issue a back-end HTTP request to a URL we supply, and confirm the request out-of-band on a server we control.
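The check above targets any "fetch this URL for me" feature. The following is an added example, not code from the original page or from this service: it shows the vulnerable pattern (the server fetches whatever URL it is given) next to a hardened validator that rejects non-HTTP schemes, URLs with embedded credentials, and any host that resolves to a loopback, private, link-local or other non-public address. The host table `EXAMPLE_DNS`, the `example_resolver` function and all URLs in it are constructed for illustration; in production the default `system_resolver` performs real DNS lookups.

```python
import ipaddress
import socket
import urllib.request
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}


def fetch_unchecked(url: str) -> bytes:
    """The vulnerable pattern: the server requests any URL the user supplies,
    including file://, http://127.0.0.1/, http://169.254.169.254/ and so on."""
    return urllib.request.urlopen(url).read()


def literal_ip(host: str):
    """Return an ip_address if `host` is an IP literal (dotted, bracketed
    IPv6, or a decimal/hex integer such as 2130706433 / 0x7f000001), else None."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        pass
    try:
        return ipaddress.IPv4Address(int(host, 0))
    except ValueError:
        return None


def system_resolver(host: str) -> set[str]:
    """Real DNS lookup; returns every address the host resolves to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


# Constructed sample DNS table for the offline example (hypothetical names).
EXAMPLE_DNS = {
    "example.com": {"93.184.216.34"},
    "rebind.test": {"93.184.216.34", "10.0.0.5"},       # one public, one private
    "metadata.internal": {"169.254.169.254"},            # cloud metadata address
}


def example_resolver(host: str) -> set[str]:
    try:
        return EXAMPLE_DNS[host]
    except KeyError:
        raise socket.gaierror(f"unknown host {host}")


def resolve_targets(host: str, resolver=system_resolver) -> set:
    ip = literal_ip(host)
    if ip is not None:
        return {ip}
    return {ipaddress.ip_address(a) for a in resolver(host)}


def is_safe_fetch_target(url: str, resolver=system_resolver) -> tuple[bool, str]:
    """Decide whether the server may fetch `url`. Every address the host
    resolves to must be globally routable; one internal address is enough
    to reject, which defeats split-horizon and rebinding-style tricks."""
    p = urlparse(url)
    if p.scheme not in ALLOWED_SCHEMES:           # blocks file://, gopher://, dict://, ...
        return False, f"scheme {p.scheme!r} not allowed"
    if not p.hostname:
        return False, "no host in URL"
    if p.username is not None or p.password is not None:
        return False, "credentials in URL not allowed"   # http://trusted.com@evil/
    try:
        targets = resolve_targets(p.hostname, resolver)
    except (socket.gaierror, ValueError) as exc:
        return False, f"could not resolve {p.hostname}: {exc}"
    for ip in targets:
        if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
            ip = ip.ipv4_mapped                    # ::ffff:127.0.0.1 -> 127.0.0.1
        if not ip.is_global:                       # loopback, private, link-local, reserved
            return False, f"{p.hostname} resolves to non-public address {ip}"
    return True, "ok"


if __name__ == "__main__":
    for u in ("http://example.com/report.pdf", "file:///etc/passwd",
              "http://127.0.0.1:8080/admin", "http://2130706433/",
              "http://[::ffff:169.254.169.254]/latest/meta-data/",
              "http://metadata.internal/", "http://rebind.test/"):
        print(u, "->", is_safe_fetch_target(u, example_resolver))
```

Validation alone is not enough: after the check passes, the fetch must connect to the address that was validated rather than resolving the name a second time (otherwise a DNS rebinding response can swap in an internal address), and HTTP redirects must be disabled or re-validated hop by hop, since a public host can redirect the server to an internal one.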
The report will detail all the tests conducted and our analysis of every SSRF vulnerability detected.
Based on the findings of these tests, the report will also provide recommendations on how to fix the SSRF vulnerabilities.