Save for later
Web App Hacking
Hacking XML Processing
XML processing is widely used in modern web applications. This course, Web App Hacking: Hacking XML Processing, will teach you how to avoid the severe consequences of insecure XML processing. First, you’ll learn how the attacker can read the content of sensitive files from the web server with an XML External Entity attack (XXE). Next, you’ll discover how the attacker can steal the SecretAccessKey of the application hosted on Amazon Web Services as a result of an XXE attack. Then, you’ll see how the attacker can get a discount in an online store as a result of an XPath injection. After that, you’ll cover how the attacker can steal a user’s password as a result of an XSS attack via XML. Finally, you’ll explore how the attacker can upload an XML-based image (SVG) and steal some sensitive data from a user as a result of an XSS attack via SVG. By the end of the course, you'll know how to test web applications for various XML processing flaws and how to provide countermeasures for these problems.
Get a Reminder
Rating | Not enough ratings |
---|---|
Length | 0.8 hours |
Starts | On Demand (Start anytime) |
Cost | $35/month (Access to entire library- free trial available) |
From | Pluralsight |
Instructor | Dawid Czagan |
Download Videos | On Windows, MacOS, iOS, and Android Pluralsight app |
Language | English |
Subjects | IT & Networking |
Tags | Penetration Testing Security Professional |
Get a Reminder
Similar Courses
Careers
An overview of related careers and their average salaries in the US. Bars indicate income percentile.
Processing Specialist 1 $37k
Processing Agent $42k
Staff Processing Specialist $46k
Blood Processing Technologist $46k
Supervisor Processing $51k
Ocular processing $52k
Word Processing $57k
Specimen processing $64k
Processing Engineer $66k
PDM / PLM Implementation Programmer XML VB.NET C SQL $80k
Senior Technical Writer/XML Developer $187k
Senior Technical Technical Writer/XML Developer Lead $205k
Write a review
Your opinion matters. Tell us what you think.
Please login to leave a review
Rating | Not enough ratings |
---|---|
Length | 0.8 hours |
Starts | On Demand (Start anytime) |
Cost | $35/month (Access to entire library- free trial available) |
From | Pluralsight |
Instructor | Dawid Czagan |
Download Videos | On Windows, MacOS, iOS, and Android Pluralsight app |
Language | English |
Subjects | IT & Networking |
Tags | Penetration Testing Security Professional |
Similar Courses
Sorted by relevance
Like this course?
Here's what to do next:
- Save this course for later
- Get more details from the course provider
- Enroll in this course