Nearly Generic Fuzzing of XML Based Formats

Explore a research project on fuzzing XML-based formats presented at nullcon Goa 2017. Learn about the two main goals: revisiting XSLT targets from 2012 with modern tools and generalizing bug-finding processes for various XML formats. Discover a newly developed tool designed specifically for mutating XML documents. Gain insights from Nicolas Gregoire, an experienced penetration tester and security researcher, as he shares his findings and methodologies. Understand the importance of responsible vulnerability disclosure and its impact on product security across multiple vendors. Delve into the world of bug bounties and learn how top rewards can be earned from major companies like Prezi and Yahoo.

nullcon Goa 2017 - Nearly Generic Fuzzing Of XML Based Formats by Nicholas Gregoire