Abstract

XML injection:

Injections are being on top for last 3 OWASP TOP 10 list. Most of us know about the well-known SQL Injection which is well learned and still found in wild. But XML injections are less known to the pentester world. This session I'll talk about the lesser known XML & XPath injections.

Topics to be covered:
- XML Injection
- XSLT injection
- XXE attack
- XPath Injection

Speaker

AMol NAik

Web Application Pentester. Bounty Hunter in Past, currently Fuzzing Browsers for Fun & Profit

Timing

Starts at Saturday August 30 2014, 11:20 AM. The sessions runs for about 2 hours.

Resources