Learn how to identify and mitigate XML External Entity (XXE) injection vulnerabilities in this informative video tutorial. Explore the fundamentals of XML and external entities before diving into hands-on labs demonstrating XXE attacks. Practice exploiting XXE vulnerabilities through live examples, including via image upload. Gain practical knowledge to better secure applications against this critical web security risk. Follow along with step-by-step demonstrations to understand how XXE attacks work and how to remediate them effectively.
Overview
Syllabus
Introduction to XXE
XML and External Entities
Live XXE Lab
XXE via Image Upload
Outro
Taught by
The Cyber Mentor
Related Courses
-
Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities
-
Web App Hacking: Hacking XML Processing
-
OWASP Top 10 - A05:2021 - Security Misconfiguration
-
OWASP Top 10 - A4:2017 - XML External Entities
-
Protecting Against XML External Entity and Deserialization Attacks in ASP.NET and ASP.NET Core
-
Previous OWASP Risks
