Server-Side Request Forgery with Greg Molnar - RUBY 591

Greg Molnar is a Ruby Developer and OSCP Penetration Tester. He joins the Rogues to talk about Server-Side Request Forgery in Rails. He begins by explaining what Server-Side Request Forgery is and its significance. They also discuss the state of security in Rails and provide their views on the best ways to secure your applications.SponsorsChuck's Resume TemplateRaygun - Application Monitoring For Web & Mobile AppsBecome a Top 1% Dev with a Top End Devs MembershipLinksServer-Side Request Forgery in RailsGitLab fixes serious SSRF flaw that exposed orgs’ internal servers | The Daily SwigGitHub - rubysec/bundler-audit: Patch-level verification for BundlerGitHub - presidentbeef/brakeman: A static analysis security vulnerability scanner for Ruby on Rails applicationsSpektr Heartbleed - Wikipediaxkcd: DependencyGhost In The Wires by Kevin Mitnick | Mitnick SecurityRails SQL Injection examples Securing Rails Applications — Ruby on Rails Guides Burp Suite - Application Security Testing Software - PortSwiggerDeploying with MRSK | Drifting RubyPromoted LinksThis Week in RailsThe Rails ChangelogBlob and File APIsDocsGPT and adopting OpenAI’s Chat Completions APISocialsGreg MolnarGitHub: gregmolnarTwitter: @GregMolnarPicksCharles - The CrewDave - MM11 Pro Switchable Mic Mute/Talk Professional Microphone Switch | Rolls Corporation - Real SoundValentino - OpenAI’s new model – GPT-4 – GPT-4Valentino - This person gives GPT-4 $100 to see how much money it can make – https://twitter.com/jacksonfall/status/1636107218859745286Advertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacyBecome a supporter of this podcast: https://www.spreaker.com/podcast/ruby-rogues--6102073/support.