Cheat Sheet

Learn all about XXE and the prevention methods with our cheat sheet!

Use our XXE Injection Cheat Sheet to learn about the different variants of the XXE Injection vulnerability. In this cheat sheet you can find detailed technical information about XXE Injection vulnerabilities.

By performing an XXE Injection, an attacker can view files on the application server's file system, or interact with any backend or external systems that the application itself can access.


Read More on our blog!
What is XXE Attack? XML external entity (XXE) attacks are targeted against applications that parse XML input. They exploit weakly configured XML parsers, which process


Related Cheatsheets

SAST vs NexDAST

Two of the main types of application security testing are Static Analysis (SAST) and Dynamic Application Security Testing (DAST).


CSRF Cheat Sheet

The Cross-Site Request Forgery (CSRF) Cheat Sheet is a flowchart that is designed to cover the common scenarios that an experienced application penetration tester would test for in CSRF testing.


SSRF Cheat Sheet

Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker’s choosing.
