Server-Side Request Forgery with Greg Molnar - RUBY 591

Greg Molnar is a Ruby Developer and OSCP Penetration Tester. He joins the Rogues to talk about Server-Side Request Forgery in Rails. He begins by explaining what Server-Side Request Forgery is and its significance. They also discuss the state of security in Rails and provide their views on the best ways to secure your applications.
SponsorsChuck's Resume TemplateRaygun - Application Monitoring For Web & Mobile AppsBecome a Top 1% Dev with a Top End Devs Membership
LinksServer-Side Request Forgery in RailsGitLab fixes serious SSRF flaw that exposed orgs’ internal servers | The Daily SwigGitHub - rubysec/bundler-audit: Patch-level verification for BundlerGitHub - presidentbeef/brakeman: A static analysis security vulnerability scanner for Ruby on Rails applicationsSpektr Heartbleed - Wikipediaxkcd: DependencyGhost In The Wires by Kevin Mitnick | Mitnick SecurityRails SQL Injection examples Securing Rails Applications — Ruby on Rails Guides Burp Suite - Application Security Testing Software - PortSwiggerDeploying with MRSK | Drifting Ruby
Promoted LinksThis Week in RailsThe Rails ChangelogBlob and File APIsDocsGPT and adopting OpenAI’s Chat Completions API
SocialsGreg MolnarGitHub: gregmolnarTwitter: @GregMolnar
PicksCharles - The CrewDave - MM11 Pro Switchable Mic Mute/Talk Professional Microphone Switch | Rolls Corporation - Real SoundValentino - OpenAI’s new model – GPT-4 – GPT-4Valentino - This person gives GPT-4 $100 to see how much money it can make – https://twitter.com/jacksonfall/status/1636107218859745286

Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy

Become a supporter of this podcast: https://www.spreaker.com/podcast/ruby-rogues--6102073/support.