Attacking XML Processing
Offered By: Hack in Paris via YouTube
Course Description
Overview
Explore the security implications of XML technologies in this 47-minute conference talk from Hack in Paris. Delve into a year-long research on XML format and processing practices, covering targets from browsers to enterprise-level security solutions and web-service back-ends. Examine key technologies including XML grammar (DTD), homo-iconicity, self-contained dynamic SVG images, design and implementation vulnerabilities in XSLT and XPath engines, in-memory exploitation of Java-based XSLT engines, and XML databases. Learn about systematically released proof-of-concept code for patched vulnerabilities, gaining valuable insights into potential security risks and mitigation strategies in XML processing.
Syllabus
Nicolas Gregoire Attacking XML Processing
Taught by
Hack in Paris
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network