I recently read an excellent article by d0nut on his experience in hunting for SSRF vulns.
What stood out for me is how he approaches testing features he suspects may be vulnerable to SSRF, and the way he shared it with practice stories from his own experiences. Has me rethinking my approach to SSRF. Especially after I checked out Ben’s slides on how he p0wned a server side PDF rendering on Uber.
Worth the read. Enjoy!