> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# Server-Side Request Forgery

> Recursos cross-platform para Server-Side Request Forgery: máquinas HTB, labs PortSwigger y rooms TryHackMe curados, con writeups validados y skills relacionadas.

# Server-Side Request Forgery

Esta página agrega los **recursos para practicar Server-Side Request Forgery** de forma cross-platform: máquinas retiradas de Hack The Box, labs de PortSwigger Web Security Academy y rooms de TryHackMe, más recursos curados (HackTricks, PortSwigger, etc.) y skills relacionadas.

## Recursos curados

| Fuente     | Enlace                                                                                                                                                                                   |
| ---------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| HackTricks | [https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/index.html](https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/index.html) |

## Máquinas HTB que practican Server-Side Request Forgery (10)

| Máquina                                              | SO      | Dificultad                                           |
| ---------------------------------------------------- | ------- | ---------------------------------------------------- |
| [AdmirerToo](/htb/machines/linux/dificil/admirertoo) | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Dab](/htb/machines/linux/dificil/dab)               | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Forge](/htb/machines/linux/medio/forge)             | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Fulcrum](/htb/machines/linux/insano/fulcrum)        | Linux   | <span className="dbadge dbadge-insane">INSANE</span> |
| [Haircut](/htb/machines/linux/medio/haircut)         | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |
| [Kotarak](/htb/machines/linux/dificil/kotarak)       | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Love](/htb/machines/windows/facil/love)             | Windows | <span className="dbadge dbadge-easy">EASY</span>     |
| [Minion](/htb/machines/windows/insano/minion)        | Windows | <span className="dbadge dbadge-insane">INSANE</span> |
| [OverGraph](/htb/machines/linux/dificil/overgraph)   | Linux   | <span className="dbadge dbadge-hard">HARD</span>     |
| [Time](/htb/machines/linux/medio/time)               | Linux   | <span className="dbadge dbadge-medium">MEDIUM</span> |

## Labs PortSwigger que practican Server-Side Request Forgery (11)

| Lab                                                                                                                             | Dificultad                                                 | Topic                              | Oficial                                                                                                              |
| ------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ---------------------------------- | -------------------------------------------------------------------------------------------------------------------- |
| [Basic SSRF against another back-end system](/portswigger/labs/ssrf/basic-ssrf-against-backend-system)                          | <span className="dbadge dbadge-easy">APPRENTICE</span>     | SSRF (Server-Side Request Forgery) | [Abrir](https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-backend-system)                             |
| [Basic SSRF against the local server](/portswigger/labs/ssrf/basic-ssrf-against-localhost)                                      | <span className="dbadge dbadge-easy">APPRENTICE</span>     | SSRF (Server-Side Request Forgery) | [Abrir](https://portswigger.net/web-security/ssrf/lab-basic-ssrf-against-localhost)                                  |
| [Blind SSRF with Shellshock exploitation](/portswigger/labs/ssrf/blind-shellshock-exploitation)                                 | <span className="dbadge dbadge-easy">APPRENTICE</span>     | SSRF (Server-Side Request Forgery) | [Abrir](https://portswigger.net/web-security/ssrf/blind/lab-shellshock-exploitation)                                 |
| [Exploiting XXE to perform SSRF attacks](/portswigger/labs/xxe/exploiting-xxe-to-perform-ssrf)                                  | <span className="dbadge dbadge-easy">APPRENTICE</span>     | XXE (XML External Entity)          | [Abrir](https://portswigger.net/web-security/xxe/lab-exploiting-xxe-to-perform-ssrf)                                 |
| [SSRF with whitelist-based input filter](/portswigger/labs/ssrf/ssrf-with-whitelist-filter)                                     | <span className="dbadge dbadge-easy">APPRENTICE</span>     | SSRF (Server-Side Request Forgery) | [Abrir](https://portswigger.net/web-security/ssrf/lab-ssrf-with-whitelist-filter)                                    |
| [Blind SSRF with out-of-band detection](/portswigger/labs/ssrf/blind-out-of-band-detection)                                     | <span className="dbadge dbadge-medium">PRACTITIONER</span> | SSRF (Server-Side Request Forgery) | [Abrir](https://portswigger.net/web-security/ssrf/blind/lab-out-of-band-detection)                                   |
| [Routing-based SSRF](/portswigger/labs/host-header/exploiting-host-header-routing-based-ssrf)                                   | <span className="dbadge dbadge-medium">PRACTITIONER</span> | HTTP Host Header Attacks           | [Abrir](https://portswigger.net/web-security/host-header/exploiting/lab-host-header-routing-based-ssrf)              |
| [SSRF via flawed request parsing](/portswigger/labs/host-header/exploiting-host-header-ssrf-via-flawed-request-parsing)         | <span className="dbadge dbadge-medium">PRACTITIONER</span> | HTTP Host Header Attacks           | [Abrir](https://portswigger.net/web-security/host-header/exploiting/lab-host-header-ssrf-via-flawed-request-parsing) |
| [SSRF via OpenID dynamic client registration](/portswigger/labs/oauth/openid-oauth-ssrf-via-openid-dynamic-client-registration) | <span className="dbadge dbadge-medium">PRACTITIONER</span> | OAuth Authentication               | [Abrir](https://portswigger.net/web-security/oauth/openid/lab-oauth-ssrf-via-openid-dynamic-client-registration)     |
| [SSRF with blacklist-based input filter](/portswigger/labs/ssrf/ssrf-with-blacklist-filter)                                     | <span className="dbadge dbadge-medium">PRACTITIONER</span> | SSRF (Server-Side Request Forgery) | [Abrir](https://portswigger.net/web-security/ssrf/lab-ssrf-with-blacklist-filter)                                    |
| [SSRF with filter bypass via open redirection vulnerability](/portswigger/labs/ssrf/ssrf-filter-bypass-via-open-redirection)    | <span className="dbadge dbadge-medium">PRACTITIONER</span> | SSRF (Server-Side Request Forgery) | [Abrir](https://portswigger.net/web-security/ssrf/lab-ssrf-filter-bypass-via-open-redirection)                       |

## Rooms TryHackMe que practican Server-Side Request Forgery (4)

| Room                                                                | Dificultad                                         | Tipo        | Acceso  | Oficial                                                   |
| ------------------------------------------------------------------- | -------------------------------------------------- | ----------- | ------- | --------------------------------------------------------- |
| [Advent of Cyber 2023](/tryhackme/rooms/adventofcyber2023)          | <span className="dbadge dbadge-easy">EASY</span>   | Walkthrough | 🟢 Free | [Abrir](https://tryhackme.com/room/adventofcyber2023)     |
| [Intro to SSRF](/tryhackme/rooms/ssrfqi)                            | <span className="dbadge dbadge-easy">EASY</span>   | Walkthrough | 🔵 VIP  | [Abrir](https://tryhackme.com/room/ssrfqi)                |
| [Wordpress: CVE-2021-29447](/tryhackme/rooms/wordpresscve202129447) | <span className="dbadge dbadge-easy">EASY</span>   | Challenge   | 🟢 Free | [Abrir](https://tryhackme.com/room/wordpresscve202129447) |
| [SSRF](/tryhackme/rooms/ssrfhr)                                     | <span className="dbadge dbadge-easy">MEDIUM</span> | Walkthrough | 🟢 Free | [Abrir](https://tryhackme.com/room/ssrfhr)                |

## Skills relacionadas

* [/skills/xss](/skills/xss)
* [/skills/rce](/skills/rce)

***

← [Volver al glosario completo](/glosario)

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"DefinedTerm","name":"Server-Side Request Forgery","termCode":"ssrf","inLanguage":"es","url":"https://rootea.es/skills/ssrf","inDefinedTermSet":{"@type":"DefinedTermSet","name":"Glosario táctico de pentesting","url":"https://rootea.es/glosario"}}`}
</script>

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"ItemList","name":"Máquinas HTB que practican Server-Side Request Forgery","numberOfItems":10,"itemListElement":[{"@type":"ListItem","position":1,"url":"https://rootea.es/htb/machines/linux/dificil/admirertoo","name":"AdmirerToo"},{"@type":"ListItem","position":2,"url":"https://rootea.es/htb/machines/linux/dificil/dab","name":"Dab"},{"@type":"ListItem","position":3,"url":"https://rootea.es/htb/machines/linux/medio/forge","name":"Forge"},{"@type":"ListItem","position":4,"url":"https://rootea.es/htb/machines/linux/insano/fulcrum","name":"Fulcrum"},{"@type":"ListItem","position":5,"url":"https://rootea.es/htb/machines/linux/medio/haircut","name":"Haircut"},{"@type":"ListItem","position":6,"url":"https://rootea.es/htb/machines/linux/dificil/kotarak","name":"Kotarak"},{"@type":"ListItem","position":7,"url":"https://rootea.es/htb/machines/windows/facil/love","name":"Love"},{"@type":"ListItem","position":8,"url":"https://rootea.es/htb/machines/windows/insano/minion","name":"Minion"},{"@type":"ListItem","position":9,"url":"https://rootea.es/htb/machines/linux/dificil/overgraph","name":"OverGraph"},{"@type":"ListItem","position":10,"url":"https://rootea.es/htb/machines/linux/medio/time","name":"Time"}]}`}
</script>

*Última actualización: 2026-05-09*
