all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

2: XML External Entity Injection (XXE) - Gin and Juice Shop (Portswigger)

Add to bookmarks
June 7, 2024, 2:21 p.m. | CryptoCat

CryptoCat www.youtube.com

XML External Entity Injection (XXE) - Episode 3 of hacking the Gin and Juice shop; an intentionally vulnerable web application developed by Portswigger. The website was created primarily to demonstrate the features of Burp pro vulnerability scanner. However, throughout the series, we will leverage burp suite (and other tools) to exploit the high, medium, low and informational issues identified by the scanner. Hopefully these videos will be useful for aspiring bug bounty hunters, security researchers, pentesters, CTF players etc 🙂 …

application burp burp suite episode external features hacking injection portswigger pro scanner series shop vulnerability vulnerability scanner vulnerable vulnerable web application web web application website xml xxe

Visit resource

More from www.youtube.com / CryptoCat

XSS in PDF.js (CVE-2024-4367) - "Upload" [Akasec CTF 2024] 2 weeks, 2 days ago | www.youtube.com
appsec beginners challenge ctf +25
2: XML External Entity Injection (XXE) - Gin and Juice Shop (Portswigger) 2 weeks, 5 days ago | www.youtube.com
application burp burp suite episode +18
Burp Suite Certified Professional (BSCP) Review + Tips/Tricks [Portswigger] 2 months, 1 week ago | www.youtube.com
appsec bounty bug bug bounty +25
1: SQL Injection (Union + Blind) - Gin and Juice Shop (Portswigger) 2 months, 4 weeks ago | www.youtube.com
application burp burp suite exploit +18
HackTheBox Cyber Apocalypse 2024: Web Challenge Walkthroughs 3 months, 1 week ago | www.youtube.com
403 bypass api api testing apocalypse +32
0: Getting Started with Burp Suite - Gin and Juice Shop (Portswigger) 3 months, 3 weeks ago | www.youtube.com
application burp burp suite course +17
LA CTF 2024: Web Challenge Walkthroughs (1-4) 4 months, 1 week ago | www.youtube.com
beginners challenge challenges conditions +26
How to Approach an OSINT Challenge - "Photographs" [INTIGRITI 1337UP LIVE CTF 2023] 7 months ago | www.youtube.com
accounts back challenge ctf +19
Format String Vulnerability - "Floor Mat Store" [INTIGRITI 1337UP LIVE CTF 2023] 7 months ago | www.youtube.com
binary binary exploitation challenge computer +12

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Technology Specialist I: Windows Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, California
View on infosec-jobs.com

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
View on infosec-jobs.com

Vice President, Controls Design & Development-7

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Vice President, Controls Design & Development-5

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Data Scientist & AI Prompt Engineer

@ Varonis | Israel
View on infosec-jobs.com

Contractor

@ Birlasoft | INDIA - MUMBAI - BIRLASOFT OFFICE, IN
View on infosec-jobs.com