Why is XML so vulnerable? (XXE Demos)
Kali Linux: Ethical Hacking Getting Started Course - Why is XML so vulnerable? (XXE Demos)

4.0 (0)
8 learners

What you'll learn

This course includes

  • 53.3 hours of video
  • Certificate of completion
  • Access on mobile and TV

Full Transcript

Big thank you to Brilliant for sponsoring this video! To try Brilliant for free (for 30 days) and to get a 20% discount, visit: https://Brilliant.org/davidbombal

// Tib3rius’ SOCIAL //
YouTube: https://www.youtube.com/Tib3rius
Website: https://tib3rius.com/
Twitch: https://www.twitch.tv/0xTib3rius
GitHub: https://github.com/Tib3rius
LinkedIn: https://www.linkedin.com/in/tib3rius/
X: https://x.com/0xtib3rius
Bluesky: https://bsky.app/profile/tib3rius.bsky.social

// Links REFERENCE //
XXE Demo Repo: https://github.com/Tib3rius/XXE-Demos
Dynamic Tool-DTD Repo: https://github.com/Tib3rius/Dynamic-DTD

// Specific Webpage REFERENCE //
https://en.wikipedia.org/wiki/Billion_laughs_attack
https://tib3rius.com/robots.txt

// David's SOCIAL //
Discord: https://discord.com/invite/usKSyzb
X: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/@davidbombal

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]

// MENU //
0:00 - Coming up
0:33 - Intro
03:07 - Brilliant Advert
04:22 - What is XXE
06:24 - XXE Demo Intro
08:54 - XML Spec Defined Entities
13:27 - XML Billion Laughs Attack
15:07 - XML Exploits
16:27 - XXE Demo Basic Example 1
22:33 - XXE Demo Basic Example 2
23:33 - Error-Based XXE Demo
30:11 - Dynamic DTD Demo
34:45 - The Community
35:33 - Out-Of-Band XXE Demo
40:12 - XML Tips & Tricks
41:25 - Outro

xxe xss xml http https website xml external entities cross site scripting portswigger ajax jscript lol lol attack billion laughs billion lol javascript xss attack xxe attack xxe video tutorial xxs attack tutorial xxe explained xss explained xxe attack example xxe bug bounty xxe tutorial xxe vulnerability xxe vs csrf attack xe example kali linux penetration testing ethical hacking bug bounty cross site scripting cross-site scripting red teaming cyber security kali linux install kali linux 2025 ethical hacker course ethical hacker javascript ajax jquery node js node js hacking portswigger

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

#xxe #xss #hacking
