下载 APKPure App
可在安卓获取SSRF (Web)的历史版本
可能能够从未直接暴露在互联网上的服务中读取数据
The target application may have functionality for importing data from a URL, publishing data to a URL or otherwise reading data from a URL that can be tampered with. The attacker modifies the calls to this functionality by supplying a completely different URL or by manipulating how URLs are built (path traversal etc.).
When the manipulated request goes to the server, the server-side code picks up the manipulated URL and tries to read data to the manipulated URL. By selecting target URLs the attacker may be able to read data from services that are not directly exposed on the internet
Last updated on 2021年07月22日
Minor bug fixes and improvements. Install or update to the newest version to check it out!
SSRF (Web)
1.0.0 by hpAndro
2021年07月22日