Joel O.joelodey.hashnode.dev·Apr 29, 2024Lab: Exploiting XXE using external entities to retrieve filesLab Scenario: Our mission is to exploit XXE through a web application's "Check stock" feature, specifically using external entities to retrieve files. By intercepting and manipulating a POST request, we intend to use XXE to trigger the retrieval of s...DiscussPortSwigger XML external entity (XXE) injectionxxe
Haneunhanlee.hashnode.dev·Apr 12, 2023Understanding the Key Features of Burp SuiteBurp Suite Definition Burp Suite is a web proxy program (packet manipulation program) that sits between the client and the server. It allows interception of data being sent between the two and provides various tools such as vulnerability scanners and...Discuss·44 readsProgrammingWeb Security
