stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

docs consolidation and others

Browse Source
This commit is contained in:
master
2026-01-06 19:02:21 +02:00
parent d7bdca6d97
commit 4789027317
849 changed files with 16551 additions and 66770 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/__Tests/security/StellaOps.Security.Tests/A10_SSRF/SsrfTests.cs
View File

@@ -108,7 +108,8 @@ public class SsrfTests : SecurityTestBase
var validator = new UrlValidator();
// Even if hostname looks external, resolved IP must be validated
var externalLookingUrl = "http://attacker-controlled.example.com";
// Example URL that could resolve to internal IP via DNS rebinding
_ = "http://attacker-controlled.example.com";
// Simulate DNS resolving to internal IP
var resolvedIp = IPAddress.Parse("127.0.0.1");
@@ -122,7 +123,8 @@ public class SsrfTests : SecurityTestBase
{
// Arrange
var validator = new UrlValidator();
var initialUrl = "https://attacker.com/redirect";
// Initial URL redirects to internal metadata endpoint
_ = "https://attacker.com/redirect";
var redirectTarget = "http://169.254.169.254/latest/meta-data/";
// Act - Check if redirect target is safe