A project summarizing how XML injections work, their consequences, and possible solutions.
This is a project for the 'Network Security' course at the University of Milan and is written in Italian.
This project explores XML Injection attacks. It analyzes XML and its vulnerabilities, including tag injection and XML bombs, and covers the risks and consequences associated with these attacks, all while emphasizing responsible and ethical hacking practices.
To illustrate the concepts discussed, we provide practical examples within an ethical framework, based on PHP servers created ad hoc. These demonstrations are intended solely for educational purposes and should never be used maliciously.
I invite you to explore our demonstration scenarios, analyze code samples, and gain insights into securing XML-based applications.
- Project's PDF - Project's PDF in repository