Geek Girl

XXE

Information Security / OWASP top 10 / Web application

Blind XXE attacks – Out-of-band interaction techniques (OAST) to exfiltrate data

The post covers various techniques by which sensitive data can be exfiltrated using out-of-band interaction in XXE.

1 Comment
April 24, 2021
Information Security / OWASP top 10 / Web application

XXE Simplified: The Concept, Attacks and Mitigations

XXE remains among the vulnerabilities with a critical score from a severity perspective. Why? Being able to read the server's sensitive files is where the victim can be fully compromised.

0 Comments
April 14, 2021
HackTheBox / Information Security / linux

Aragog HackTheBox walkthrough

Aragog is a medium-level Linux machine from HackTheBox. The initial foothold is based on exploiting XXE, and the privilege escalation requires logging the password by creating a backdoor.

92 Comments
July 21, 2020
ShreyaPohekar