Server-Side Request Forgery with Greg Molnar - RUBY 591
Published: April 19, 2023
Server-Side Request Forgery with Greg Molnar - RUBY 591
0:00
Playback Speed:
Show Notes
Greg Molnar is a Ruby Developer and OSCP Penetration Tester. He joins the Rogues to talk about Server-Side Request Forgery in Rails. He begins by explaining what Server-Side Request Forgery is and its significance. They also discuss the state of security in Rails and provide their views on the best ways to secure your applications.
Sponsors
- Chuck's Resume Template
- Raygun - Application Monitoring For Web & Mobile Apps
- Become a Top 1% Dev with a Top End Devs Membership
Links
- Server-Side Request Forgery in Rails
- GitLab fixes serious SSRF flaw that exposed orgs’ internal servers | The Daily Swig
- GitHub - rubysec/bundler-audit: Patch-level verification for Bundler
- GitHub - presidentbeef/brakeman: A static analysis security vulnerability scanner for Ruby on Rails applications
- Spektr
- Heartbleed - Wikipedia
- xkcd: Dependency
- Ghost In The Wires by Kevin Mitnick | Mitnick Security
- Rails SQL Injection examples
- Securing Rails Applications — Ruby on Rails Guides
- Burp Suite - Application Security Testing Software - PortSwigger
- Deploying with MRSK | Drifting Ruby
Promoted Links
- This Week in Rails
- The Rails Changelog
- Blob and File APIs
- DocsGPT and adopting OpenAI’s Chat Completions API
Socials
Picks
- Charles - The Crew
- Dave - MM11 Pro Switchable Mic Mute/Talk Professional Microphone Switch | Rolls Corporation - Real Sound
- Valentino - OpenAI’s new model – GPT-4 – GPT-4
- Valentino - This person gives GPT-4 $100 to see how much money it can make – https://twitter.com/jacksonfall/status/1636107218859745286