This repository contains the code for demonstrating a SSRF vulnerability in a close-to real-world scenario.
The demonstration is written in PHP and makes use of the [Laravel framework](https://laravel.com).
To get started, set up the project on a web server (e.g. NGINX, Apache) and connect it to a database (MySQL, MariaSQL).
To get started, clone the project and set it up on a web server with PHP 8.0 (e.g. NGINX, Apache), as well as connecting it to a database (MySQL, MariaSQL).
The webserver needs to be pointed to the entry point of the application, which is `public/index.php`.
Make sure the values are correctly set in the .env file.
For more information on this, click [here](https://laravel.com/docs/8.x/installation) and also [here](https://laravel.com/docs/8.x/installation#environment-based-configuration).
There are many options that aim to simplify this process, for example:
-[DDEV](ddev.com)
Install the PHP dependency manager Composer and run `composer install`.
For more information on the installation steps, click [here](https://laravel.com/docs/8.x/installation) and also [here](https://laravel.com/docs/8.x/installation#environment-based-configuration).
There are many options that aim to simplify the setup process, for example:
-[DDEV](ddev.com)(This is probably the easiest way if you have Docker
installed, and also what I use to run this project. After the DDEV
installation, simply run `ddev provision && ddev launch profile` inside the
