Who am i?
An experienced instructor with over 10 000 happy students on udemy, i spend my time making complex topic reacheable for anyone wanting to learn and understand them. As a dad of a toddler, i know what it means to have to simplify things but even before all this i was already emerged in the world of training IT profiles in software test automation and performance testing, having gotten my neoload expert certification in Paris so i could teach that software in a 3 day course that would prepare staff for neoload certification. All this helped me when i gained some experience in bug bounties on Intigriti (You can find me as theamazingferret) in a short time, i decided to start up my youtube channel because people kept asking me the same questions and this was a way to help them better. People seemed to like my teaching and it blew to where we are today. You can find me on LinkedIn as Wesley Thijs or on youtube or twitter or even facebook as the XSS Rat.
What does this course offer?
During my time as a bug bounty hunter and pentester i found i liked the XXE vulnerability type quite a lot. In this course i explain to you where XXE stems from, what it entails, how to exploit it and even how to prevent it. Every video file has a full PDF covering the topics in detail. To finish off i will you show you how to exploit this vulnerability in a set of practical video’s demonstrated on one of my old CTF machines and on the portswigger labs.
Not only will you learn how to find and exploit this vulnerability but i will complete your skillset by giving you general guidance on preventing this issue type.
Who this course is for:
- Developers looking to find out how XXE works
- Pentesters looking to add XXE to their arsenal
- Bug bounty hunters looking to add XXE to their arsenal
- Be familiar with XML files
- Entry level IT experience
What you’ll learn
- What an XXE is
- How to exploit XXE’s
- XXE Filter evasion techniques
- Tools to test for XXE
- How to prevent XXE
Free Download Links-
Note: Comment below if you find the download links dead and comment with fake or temporary Email-id is going to be ignored.