OWASP Top 10: A4 - XML External Entities

OWASP    |    Intermediate
  • 7 videos | 31m 48s
  • Includes Assessment
  • Earns a Badge
Rating 4.6 of 54 users Rating 4.6 of 54 users (54)
Extensible Markup Language uses tags to describe data and has become the standard information exchange format between dissimilar systems. Many applications use XML to share and manage data. In this course, you'll begin with an XML overview, including document type definitions and how XML differs from HTML. Next, you'll learn what XML external entity attacks are. Moving on, you'll examine how the OWASP ZAP tool can scan a vulnerable web application and identify weaknesses. Next, you'll explore how to scan a web app for XXE vulnerabilities and execute an XXE attack. Lastly, you'll learn how to mitigate XXE attacks.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Identify how extensible markup language (xml) is used to describe data
    List various ways that xml attacks can be executed
    Scan a web application for xml vulnerabilities
  • Execute an xml external entity attack
    Describe how to mitigate xxe attacks
    Summarize the key concepts covered in this course

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Rating 4.8 of 16 users Rating 4.8 of 16 users (16)
Rating 4.6 of 344 users Rating 4.6 of 344 users (344)
Rating 4.6 of 182 users Rating 4.6 of 182 users (182)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Rating 4.6 of 59 users Rating 4.6 of 59 users (59)
Rating 4.6 of 68 users Rating 4.6 of 68 users (68)
Rating 4.6 of 57 users Rating 4.6 of 57 users (57)