YoVDO

Nearly Generic Fuzzing of XML Based Formats

Offered By: nullcon via YouTube

Tags

nullcon Courses Cybersecurity Courses XML Courses Penetration Testing Courses XSLT Courses Bug Hunting Courses

Course Description

Overview

Explore a research project on fuzzing XML-based formats presented at nullcon Goa 2017. Learn about the two main goals: revisiting XSLT targets from 2012 with modern tools and generalizing bug-finding processes for various XML formats. Discover a newly developed tool designed specifically for mutating XML documents. Gain insights from Nicolas Gregoire, an experienced penetration tester and security researcher, as he shares his findings and methodologies. Understand the importance of responsible vulnerability disclosure and its impact on product security across multiple vendors. Delve into the world of bug bounties and learn how top rewards can be earned from major companies like Prezi and Yahoo.

Syllabus

nullcon Goa 2017 - Nearly Generic Fuzzing Of XML Based Formats by Nicholas Gregoire


Taught by

nullcon

Related Courses

Network Security
Georgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent