×

Web App Hacking: Hacking XML Processing

Add to wishlistAdded to wishlistRemoved from wishlist 0
Add to compare+
Duration

50m

level

Beginner

Course Creator

Dawid Czagan

Last Updated

03-Nov-22

This course helps to understand different types of vulnerabilities in XML processing. You’ll learn how to test web applications for various XML processing flaws and how to provide countermeasures for these problems.

Add your review

XML processing is widely used in modern web applications. This course, Web App Hacking: Hacking XML Processing, will teach you how to avoid the severe consequences of insecure XML processing. First, you’ll learn how the attacker can read the content of sensitive files from the web server with an XML External Entity attack (XXE). Next, you’ll discover how the attacker can steal the SecretAccessKey of the application hosted on Amazon Web Services as a result of an XXE attack. Then, you’ll see how the attacker can get a discount in an online store as a result of an XPath injection. After that, you’ll cover how the attacker can steal a user’s password as a result of an XSS attack via XML. Finally, you’ll explore how the attacker can upload an XML-based image (SVG) and steal some sensitive data from a user as a result of an XSS attack via SVG. By the end of the course, you’ll know how to test web applications for various XML processing flaws and how to provide countermeasures for these problems.
Author Name: Dawid Czagan
Author Description:
Dawid Czagan is listed among the Top 10 Hackers by HackerOne. He has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of these bugs, he has received numerous awards for his findings. He has delivered security training courses at key industry conferences, such as Hack In The Box, CanSecWest, 44CON, Hack In Paris, DeepSec, BruCON, and for many corporate clients. His students include security specialists from Oracle, Adobe, Red H… more

Table of Contents

  • Course Overview
    2mins
  • Introduction
    5mins
  • XXE Attack
    8mins
  • Going Deeper into an XXE Attack
    7mins
  • XPath Injection
    8mins
  • XSS via XML
    7mins
  • XSS via SVG
    7mins
  • Summary
    3mins

User Reviews

0.0 out of 5
0
0
0
0
0
Write a review

There are no reviews yet.

Be the first to review “Web App Hacking: Hacking XML Processing”

Your email address will not be published. Required fields are marked *

Web App Hacking: Hacking XML Processing
Web App Hacking: Hacking XML Processing
Edcroma
Logo
Compare items
  • Total (0)
Compare
0
https://login.stikeselisabethmedan.ac.id/produtcs/
https://hakim.pa-bangil.go.id/
https://lowongan.mpi-indonesia.co.id/toto-slot/
https://cctv.sikkakab.go.id/
https://hakim.pa-bangil.go.id/products/
https://penerimaan.uinbanten.ac.id/
https://ssip.undar.ac.id/
https://putusan.pta-jakarta.go.id/
https://tekno88s.com/
https://majalah4dl.com/
https://nana16.shop/
https://thamuz12.shop/
https://dprd.sumbatimurkab.go.id/slot777/
https://dprd.sumbatimurkab.go.id/
https://cctv.sikkakab.go.id/slot-777/
https://hakim.pa-kuningan.go.id/
https://hakim.pa-kuningan.go.id/slot-gacor/
https://thamuz11.shop/
https://thamuz15.shop/
https://thamuz14.shop/
https://ppdb.smtimakassar.sch.id/
https://ppdb.smtimakassar.sch.id/slot-gacor/
slot777
slot dana
majalah4d
slot thailand
slot dana
rtp slot
toto slot
slot toto
toto4d
slot gacor
slot toto
toto slot
toto4d
slot gacor
tekno88
https://lowongan.mpi-indonesia.co.id/
https://thamuz13.shop/
https://www.alpha13.shop/
https://perpustakaan.smkpgri1mejayan.sch.id/
https://perpustakaan.smkpgri1mejayan.sch.id/toto-slot/
https://nana44.shop/
https://sadps.pa-negara.go.id/
https://sadps.pa-negara.go.id/slot-777/
https://peng.pn-baturaja.go.id/
https://portalkan.undar.ac.id/
https://portalkan.undar.ac.id/toto-slot/
https://penerimaan.ieu.ac.id/
https://sid.stikesbcm.ac.id/