XXE - The Ugly Side of XML

The eXtensible Markup Language (XML) has a very long and illustrious reputation for being the go-to language for storing and transferring self-describing data. Unfortunately though, XML's roots have presented a problem that can plague many improperly configured parsers. This problem is known as XML eXternal Entity (XXE) attacks.


Make The Web SQueaL

I gave my first public talk last week. It was a talk on SQL Injection that was given at this month's NolaSec meetup. And, I have to say, I really enjoyed the experience.

The Talk

The talk was titled "Make The Web SQueaL: An Introduction to SQL Injection." It was a pretty quick talk. The goal when written was to make a 20 minute-ish talk with room for questions at the end.