XPath Injection | XML Vulnerability for Beginners
HTML-код
- Опубликовано: 16 окт 2024
- Thank you for watching the video :
XPath Injection | XML Vulnerability for Beginners
In this episode, we will discuss what XML document is and what XPath is. We will see few examples of XPath on how it is used and can be exploited.
I'll also walk you through with an example of actual exploiting with XPath injection. Please solve other exercise and post the solution here.
DVWS: github.com/sno...
XXE: • API Penetration Test |...
OWASP Top 10 XXE: • XML External Entity | ...
00:36 What is XPath
03:19 XPath Query
05:14 Demo
ABOUT OUR CHANNEL📜
Cyber Security is a non-profit initiative taken by security professionals. Here we are uploading a series of videos to learn and get expertise in various domains of security. We are teaching tools, techniques, and methods which can be used on penetration testing assignments.
📌CHECK OUT OUR OTHER VIDEOS
▶️Authentication Bypass in PHP | PHP Type Juggling
• Authentication Bypass ...
▶️SAML Penetration Test for Begineers
• SAML Penetration Test ...
▶️How to exploit GraphQL | GraphQL for Beginners
• How to exploit GraphQL...
FOLLOW US ON SOCIAL
▶️Security Blog
bhaumikshah04....
▶️Facebook
/ infosecforstarters
#owasptop10 #webapppentest #appsec #applicationsecurity #apitesting #apipentest #cybersecurityonlinetraining #freesecuritytraining #penetrationtest #ethicalhacking #pentestforbegineers #ethicalhackingforbeginners #modernwebappattacks #XXE #XPathinjection #XMLInjection
Related Searches:
xpath injection tutorial
xpath injection prevention
xpath injection vs xml injection
xpath injection vulnerability
xpath injection in xml databases
Could this be found in any endpoint given that the webapp is using XML and is vulnerable to this, or mainly just for login bypass? Also, is this a common attack today or mostly outdated? Thanks
it is still common attack but not many are using XML. This could be for any workflow and not just login.
@@CyberSecurityTV Cheers. Could you make videos on the importance of cloud and the common attack vectors on AWS and Azure?
@@Cossaw That's a really good idea. let me work on it next year.
Great video, just one recommendation, can you pls keep all the ads in the beginning so that it doesn't interfere with the flow of learning and understanding.
Subscribed .Thank you.
Noted
so whats the major diff b/w SQLi and Xpath injection?
One is for SQL and other is for XML language. Depending on what language app is using.
@@CyberSecurityTV thanks sir
Nice
Thanks