Hacking AWS Account via AWS Lambda SSRF

Server-side request forgery (SSRF) attack is used for abusing functionality on the server to read or update internal resources. The main idea behind an SSRF attack is to manipulate the input parameters of an application that interact with external systems, such as URLs, IP addresses, or file paths. By injecting a special URL that is important for internal systems, an attacker can force an application to access an internal resource that is not intended to be exposed. Besides SSRF is …

abusing access account addresses application applications attack aws aws lambda cloud cloud resources devops exposed external file forgery hacking important input internal ip addresses lambda main request resources security server server-side request forgery special ssrf systems threat update url urls web web applications