moai-security-ssrf
Installation
SKILL.md
SSRF Protection Expert
Server-Side Request Forgery (SSRF) Prevention
Focus: URL Validation, Allowlisting, Network Segmentation
Stack: Python (urllib/ipaddress), TypeScript (URL API)
Overview
Comprehensive defense strategies against SSRF attacks where an attacker induces the server to make requests to unintended locations.
Core Defense Layers
- Input Validation: Strict allowlisting of domains and protocols.
- Network Layer: Blocking access to internal/private IP ranges (10.0.0.0/8, 127.0.0.1, etc.).
- Application Layer: Disabling redirects, validating response types.
- Infrastructure: Running services in isolated network environments.
Related skills
More from jg-chalk-io/nora-livekit
moai-security-secrets
Enterprise Skill for advanced development
9moai-security-compliance
Enterprise Skill for advanced development
4moai-security-identity
Enterprise Skill for advanced development
4moai-security-zero-trust
Enterprise Skill for advanced development
4moai-security-devsecops
SAST/DAST/SCA automation, CI/CD security pipelines, vulnerability management
4moai-essentials-review
Enterprise comprehensive code review automation with AI-powered quality
3