xxe - go secure workshop

This commit is contained in:
Alexandre ZANNI 2023-06-08 10:14:35 +02:00 committed by GitHub
parent e17b6e1ac4
commit 3e8a39a87d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -104,6 +104,7 @@ Syntax: `<!ENTITY entity_name SYSTEM "entity_value">`
* [Exploiting XInclude to retrieve files](https://portswigger.net/web-security/xxe/lab-xinclude-attack)
* [Exploiting XXE via image file upload](https://portswigger.net/web-security/xxe/lab-xxe-via-file-upload)
* [Exploiting XXE to retrieve data by repurposing a local DTD](https://portswigger.net/web-security/xxe/blind/lab-xxe-trigger-error-message-by-repurposing-local-dtd)
* [GoSecure workshop - Advanced XXE Exploitation](https://gosecure.github.io/xxe-workshop)
## Detect the vulnerability