Uncle Rat's XXE Handbook

XXE Made Simple!

What does this course offer?

What an XXE is
How to exploit XXE's
XXE Filter evasion techniques
Tools to test for XXE

How to prevent XXE

During my time as a bug bounty hunter and pentester i found i liked the XXE vulnerability type quite a lot. In this course i explain to you where XXE stems from, what it entails, how to exploit it and even how to prevent it. Every video file has a full PDF covering the topics in detail. To finish off i will you show you how to exploit this vulnerability in a set of practical video's demonstrated on one of my old CTF machines and on the portswigger labs.

Not only will you learn how to find and exploit this vulnerability but i will complete your skillset by giving you general guidance on preventing this issue type.


Your Instructor


Wesley Thijs
Wesley Thijs

I am the XSS Rat, an experienced ethical hacker who stands for quality and who believes knowledge is a building block we can all use to grow bigger than we ever were. As a software test i have a unique skill set that centers around logic flaws and IDORs which i have not seen very much by other hunters. This gives me the advantage of finding less duplicates and maximizing my chance of finding a vulnerability by picking the correct target and applying the correct test strategy.


Course Curriculum


  Introduction
Available in days
days after you enroll
  What is XXE?
Available in days
days after you enroll
  XXE Entry Points
Available in days
days after you enroll
  Exploiting XXE
Available in days
days after you enroll
  WAF and filter evasion
Available in days
days after you enroll
  Tools to find and how to prevent XXE
Available in days
days after you enroll
  Throwing it all together
Available in days
days after you enroll
  Let's try it
Available in days
days after you enroll
  Practical Examples
Available in days
days after you enroll

Frequently Asked Questions


When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund.

Get started now!