Where can I learn about reverse proxies and path traversal SSRF?


I am tasked to record a lesson for my students about path traversal SSRF (Server-Side Request Forgery). My understanding is that reverse proxies are heavily used on big websites, which have a massive attack surface.

Some weird proxies process requests differently; at times an attacker is able to traverse out of an API call and access internal apps routing through a reverse proxy.

I am wanting to learn the following things about the things above.

  1. How do I get access to private endpoints?
  2. What are some interesting payloads to try?
  3. How would I be able to achieve access to internal apps?

I hope anyone on here can help me 🙂

Cheers, Blake