A Hands-on XML External Entity Vulnerability Training Module

Many web applications that accept and respond to XML requests are vulnerable to XML External Entity (XXE) attacks due to default XML parser settings. This vulnerability can be exploited to read arbitrary files from the server, including sensitive files such as the application configuration files....

By

Carrie Roberts

November 4, 2013

All papers are copyrighted. No re-posting of papers is permitted

Related Content

Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)

A Visual Summary of SANS New2Cyber Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024

Coolest Careers Poster

SANSがおすすめするサイバーセキュリティの仕事20選: DevSecOps エンジニア

DevSecOps エンジニアの主な業務や、スキルアップのためのSANSのおすすめのコースを紹介します！

Cloud Security, DevSecOps

February 10, 2023

What is DevSecOps

Part one of a four-part blog series about what’s needed to shake, shimmy, and shift left

Stacey Dunn