A Hands-on XML External Entity Vulnerability Training Module

Many web applications that accept and respond to XML requests are vulnerable to XML External Entity (XXE) attacks due to default XML parser settings. This vulnerability can be exploited to read arbitrary files from the server, including sensitive files such as the application configuration files....

By

Carrie Roberts

November 4, 2013

All papers are copyrighted. No re-posting of papers is permitted

Related Content

Coolest Careers Poster

SANSがおすすめするサイバーセキュリティの仕事20選: DevSecOps エンジニア

DevSecOps エンジニアの主な業務や、スキルアップのためのSANSのおすすめのコースを紹介します！

Cloud Security, DevSecOps

February 10, 2023

What is DevSecOps

Part one of a four-part blog series about what’s needed to shake, shimmy, and shift left

Stacey Dunn

December 6, 2019

ASP.NET MVC: Using Identity for Authentication and Authorization

Guest Editor: Today's post is from Taras Kholopkin. Taras is a Solutions Architect at SoftServe, Inc. In this post, Taras will take a look at the authentication and authorization security features built into the ASP.NET MVC framework. Implementing authentication and authorization mechanisms into a...

Taras Kholopkin