Course curriculum

  • 01

    Section 1: Introduction

    • 2. Introduction

  • 02

    Section 2: What is XXE

    • 3. What is XXE?

  • 03

    Section 3: XXE Entry Points

    • 4. XXE Entry points

  • 04

    Section 4: Exploiting XXE

    • 5. Exploiting XXE

  • 05

    Section 5: WAF and Filter Evasion

    • 6. WAF and filter evasion

  • 06

    Section 6: Tools to find and how to prevent XXE

    • 7. Tools to find and how to prevent XXE

  • 07

    Section 7: Throwing it all Together

    • 8. Throwing it all together

    • Assignment 1: Let's talk XXE

  • 08

    Section 8: Let's try it

    • 9. Labs: XXE

  • 09

    Section 9: Practical Examples

    • 10. XXE On the portswigger labs

    • 11. XXE Is so much more than just XML

    • 12. XXE Through DOCX

    • 13. Blind XXE and parameter Entities

    • 14. Chaining XXE into SSRF