BowTiedGuppy’s Cybersecurity Essentials

Share this post

Create a SSRF vulnerable website

bowtiedguppy.substack.com

Create a SSRF vulnerable website

Using Dockers!

BowTiedGuppy
Dec 08, 2022
∙ Paid
Share this post

Create a SSRF vulnerable website

bowtiedguppy.substack.com
Share

Welcome to today’s lab - creating a SSRF vulnerable website. Read the TLDR on SSRF over at guppysecurity.

In this lab you will learn about

  • Docker containers

  • Docker-Compose

  • SSRF

You will learn how to build multiple docker containers and manage them with docker-compose. The containers will mimic the setup of a website with an API and backend vulnerable to SSRF.

While going through the setup you will identify why and how SSRF vulnerabilities occur and how you could abuse them.

Get a flask web app into docker

First things first.

This is the folder structure we will begin with:

.
├── frontend
│   ├── app
│   │   └── main.py
│   └── Dockerfile
├── docker-compose.yml

This post is for paid subscribers

Already a paid subscriber? Sign in
© 2024 BowTiedGuppy
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture
Share