ssrf | Cybenari

top of page

Home
About us
Contact
Blog
Services
AppSec Service
SOC2 Penetration Testing
Penetration Testing
AppSec Service
SOC2 Penetration Testing
Penetration Testing

All Posts
scada
Uncategorized
case study
Penetration Testing
Secure Coding
AppSec
canary tokens
Honeypots
Red Team
Threat Modeling
Research

Exploiting PDF Generation -A Case Study in SSRF and JavaScript Injection

During a recent pentest, we exploited an insecure PDF generator to trigger SSRF and access AWS instance metadata. PDF generators often allow risky features like JavaScript by default, making them an overlooked attack surface.

idan ba

Sep 94 min read

CYBENARI

Cybenari, founded in 2022 by Idan Ben Ari, a cybersecurity expert with over 12 years of experience, is a consulting practice based in Israel that specializes in advanced penetration testing, appsec , and SOC2 penetration testing. With a strong technical foundation and a focus on actionable results, Cybenari partners with organizations to identify critical risks, enhance their security posture, and ensure they meet industry compliance standards

Contact

Shalom Rozenfeld 2,
Herzliya, Israel
idan@cybenari.com

Tel: +972-544-389-643

Quick Menu

Home
About us
Contact
Blog
Services
AppSec Service
SOC2 Penetration Testing
Penetration Testing
AppSec Service
SOC2 Penetration Testing
Penetration Testing

Home
About us
Contact
Blog
Services
AppSec Service
SOC2 Penetration Testing
Penetration Testing
AppSec Service
SOC2 Penetration Testing
Penetration Testing

bottom of page