Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Exploiting XXE Vulnerabilities in File Parsing Functionality

Overview

Explore techniques for exploiting XXE vulnerabilities in file parsing and upload functionality in this Black Hat conference talk. Delve into XML Entity Attacks within XML-supported file formats like docx, xlsx, and pptx, using real-world examples from products and recent bug bounties. Learn step-by-step technical details and discover a battle-tested tool for efficiently creating 'XXE backdoored' files across various formats.

Syllabus

Exploiting XXE Vulnerabilities In File Parsing Functionality

Taught by

Black Hat

Reviews

Start your review of Exploiting XXE Vulnerabilities in File Parsing Functionality

Start learning

Coursera Cuts Jobs Despite $100M Revenue Milestone

Most common

Popular subjects

Popular courses

Exploiting XXE Vulnerabilities in File Parsing Functionality

Overview

Syllabus

Taught by

Reviews

Coursera Cuts Jobs Despite $100M Revenue Milestone

Taught by

Uncle Rat's XXE Handbook

FileCry - The New Age of XXE

Remediating XML External Entity Injection - Cyber Security Tutorial

Web App Testing - XXE, Input Validation, Broken Access Control, and More XSS

From DTD to XXE - An Evaluation of XML Parsers

Beginner Web Application Hacking

Never Stop Learning.