• dig without dig

    curl -s -H 'host: dns.google.com' \
      '' \
      | jq

  • Getting sneaky with DNS for SSRF Understanding how fundamental technologies work goes a long way ...

    Generally when I make http requests against a domain, I wouldn’t expect it to make requests on my localhost - but sometimes, just that happens. For getting sneaky with SSRF attacks you can have a DNS record point to When a record pointing to is resolved, your application will end up making requests For experimentation, I used one of Rapid7’s free datasets, & found the domain volks-seat.de pointing It never occurred to …