/tags/url/ Recent content in url on Security, Tech, And Ramblings Hugo -- gohugo.io en-us Copyright © {year} Sean Marpo. All Rights Reserved. Sat, 12 Feb 2022 12:09:08 -0800 /posts/path-traversal-and-ssrf/ Sat, 12 Feb 2022 12:09:08 -0800 /posts/path-traversal-and-ssrf/ I was recently working on a security review, and I came across an anti-pattern I’ve seen time and time again. Sure, it might be obvious, but this was a relatively tenured developer who suggested this particular solution. It’s seemingly pervasive enough that it warrants digging into. So, with that in mind, let’s chat about path traversal and SSRF. The Context I was performing an app/code review of a new “thing” to keep this vague enough.