Overview
Write Ups Compilations/Resources
Main Resources
Labs
Cross Site Request Forgery
- Cross Site Request Forgery (CSRF)
Missing Access Controls
- Missing Access Controls
LFI / Directory Traversal
- Local File Inclusion
XXE
- XML External Entity (XXE)
Injection
SSRF
- Server-Side Request Forgery (SSRF)
  - SSRF Write-ups
  - Source Code Review
Unvalidated Redirects and Forwards
- Unvalidated Redirects and Forwards
  - Writeups
  - Source Code Examples
Verbose Error Messages and Stack Traces
- Verbose Error Messages and Stack Traces
  - Write-ups

Powered by GitBook

On this page

Was this helpful?

XXE

XML External Entity (XXE)

Labs

PreviousSource Code Examples NextMore Writeups

Last updated 3 years ago

Lab: Exploiting XXE using external entities to retrieve files | Web Security AcademyWebSecAcademy

Lab: Exploiting XXE to perform SSRF attacks | Web Security AcademyWebSecAcademy

Lab: Exploiting XInclude to retrieve files | Web Security AcademyWebSecAcademy

Lab: Exploiting XXE via image file upload | Web Security AcademyWebSecAcademy