DNS Rebinding
=============

An attack that manipulates DNS resolution to bypass same-origin policy, allowing a web page to communicate with internal network services.

vulnerability, DNS, network security

DNS rebinding is a technique that exploits DNS resolution timing to bypass the browser's same-origin policy. The attacker sets up a domain with a very short TTL (Time to Live) that initially resolves to the attacker's server, then quickly switches it to resolve to an internal IP address (like 127.0.0.1 or 192.168.x.x). Because the browser ties an origin to the hostname rather than to the IP address behind it, JavaScript loaded from the initial resolution can then make requests to the internal service as if it were the same origin.

This attack is particularly effective against internal services that rely on network-level access control ("it's only accessible from the internal network, so it doesn't need authentication"). IoT devices, development servers, internal APIs, and cloud metadata services are common targets.

Defenses include validating the Host header on internal services, implementing proper authentication regardless of network location, and using DNS pinning (though browser support varies).
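The Host header check named above, sketched as WSGI middleware. This is an added example, not APVISO's code; the allowlist entries, `HostAllowlist`, `normalize_host`, `internal_app` and `status_for` are hypothetical names chosen for illustration.

```python
from wsgiref.util import setup_testing_defaults

# Assumption: the only names this internal service is legitimately reached by.
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "[::1]", "admin.internal.example"}

def normalize_host(raw):
    """Return the lowercased hostname from a Host header value, or None if malformed."""
    host = (raw or "").strip().lower()
    if not host or any(c in host for c in " \t/@,"):
        return None
    if host.startswith("["):              # IPv6 literal, e.g. [::1]:8080
        end = host.find("]")
        if end == -1:
            return None
        name, rest = host[:end + 1], host[end + 1:]
    else:
        name, sep, port = host.partition(":")
        rest = sep + port
    if rest and not (rest[0] == ":" and rest[1:].isdigit()):
        return None
    return name.rstrip(".") or None       # treat "localhost." as "localhost"

class HostAllowlist:
    """WSGI middleware: refuse any request whose Host is not allowlisted."""
    def __init__(self, app, allowed=ALLOWED_HOSTS):
        self.app, self.allowed = app, {h.lower() for h in allowed}

    def __call__(self, environ, start_response):
        # After a rebind the browser still sends the attacker-controlled name
        # in Host, even though the TCP connection now lands on this service.
        if normalize_host(environ.get("HTTP_HOST")) not in self.allowed:
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"host not allowed\n"]
        return self.app(environ, start_response)

def internal_app(environ, start_response):
    """Stand-in for the internal service (constructed for this example)."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"internal data\n"]

def status_for(host_header):
    """Send one constructed request through the middleware; return the status code."""
    environ, seen = {}, []
    setup_testing_defaults(environ)
    environ["HTTP_HOST"] = host_header
    HostAllowlist(internal_app)(environ, lambda status, headers: seen.append(status))
    return int(seen[0].split()[0])
```

The check fails closed: a missing, malformed or unknown Host gets 403, and it complements rather than replaces authentication on the service.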

How APVISO tests for this: APVISO's pentester agent tests for services vulnerable to DNS rebinding by identifying internal-facing endpoints that lack proper Host header validation and authentication. The recon agent maps internal service topology to identify high-value rebinding targets.

Related Terms
-------------

- [Server-Side Request Forgery (SSRF)](/glossary/ssrf)
- [Subdomain Takeover](/glossary/subdomain-takeover)

© 2026 APVISO. All rights reserved.
