You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
💭 Introduction:
We want to test whether api's which take in url as a param are vulnerable to port scanning attack using SSRF. You can refer this blog for more details about the attack.
🎯 Requirements:
This test should only run for APIs which are taking url as a parameter in input.
The test should correctly detect whether the port scanning vulnerability can be exploited.
✅ Task summary:
Ask to be assigned to the issue.
Wait to be assigned. We will try to assign in less than 2 hours.
Fork the tests-library repository, create a new branch and commit the yaml file which will be called in your test.
Fork the akto repo, create a new branch and commit changes related to running test via the yaml template created in the previous step.
Write unit tests to test your changes.
Submit both the PRs here.
✌🏻 Hints:
You can build the yaml template by referring this link
You can refer the PR here for changes to be done in akto repo: link
🙋🏼♂️ Questions:
If you have questions, need any help, or just want to hang out, make sure to join us on our Discord server.
The text was updated successfully, but these errors were encountered:
💭 Introduction:
We want to test whether api's which take in url as a param are vulnerable to port scanning attack using SSRF. You can refer this blog for more details about the attack.
🎯 Requirements:
This test should only run for APIs which are taking url as a parameter in input.
The test should correctly detect whether the port scanning vulnerability can be exploited.
✅ Task summary:
✌🏻 Hints:
You can build the yaml template by referring this link
You can refer the PR here for changes to be done in akto repo: link
🙋🏼♂️ Questions:
If you have questions, need any help, or just want to hang out, make sure to join us on our Discord server.
The text was updated successfully, but these errors were encountered: