@EdOverflow
EdOverflow / bugbountyfaq.md
Last active April 4, 2022 16:18
A list of questions that bug bounty hunters frequently DM me about.

Bug Bounty FAQ

A list of questions that bounty hunters frequently DM me about. 😄

How do I get started with bug bounty hunting? How do I improve my skills?

I have a simple philosophy that I share with everyone:

  • Learn to make it. Then break it!
  • Read books. Lots of books.
@mgeeky
mgeeky / xml-attacks.md
Last active November 13, 2024 10:21
XML Vulnerabilities and Attacks cheatsheet

XML Vulnerabilities

XML processing modules may not be secure against maliciously constructed data. An attacker could abuse XML features to carry out denial of service attacks, access local files, generate network connections to other machines, or circumvent firewalls.

A penetration tester running XML tests against an application must first determine which XML parser is in use, and then which of the attacks listed below that parser is vulnerable to.