Web Exploitation SSRF Deep Dive: Pivoting to Cloud Metadata, Internal Scans, and Filter Bypass
A practical guide to Server-Side Request Forgery: cloud metadata theft, internal port scanning, filter bypass, and Blue Team defenses.
SSRF
Web Exploitation 
Web Exploitation XXE Attacks: Exploiting XML External Entities for File Disclosure and Blind OOB Exfiltration
A practical guide to XML External Entity attacks — DOCTYPE abuse, file disclosure, SSRF, blind/OOB exfiltration, and defense.
Tools & Defense AWS Security Fundamentals and Attack Techniques: IAM, S3, and the Metadata Service
A practical primer on attacking and defending AWS: IAM enumeration, S3 misconfigurations, IMDS abuse, and Pacu.