Beginner

Injections, XXE, and Insecure Deserialization

BLACK FRIDAY DEAL: Use coupon ‘LEVELUP40’ and get a 40% off on all Annual Plans.
Learning Path
Application Security Essentials
Ideal for
Developer
Security Engineer
Pentester
Security Champion
5
Hours
24
Lessons
5
Cloud Labs

Understanding the core principles of Application Security is the difference between building software that’s secure and one that’s easily exploitable.  This course is a deep dive into some of the most common and frequently occurring vulnerabilities your applications are likely to have over the course of development.

This course, Injections, XXE, and Insecure Deserialization, contains 5 modules, each dealing with a different common vulnerability. To begin, we’ll take you through real-world techniques of how to attack applications using Injection flaws, XML External Entities (XXE), Insecure Deserialization and Server-Side Request Forgery (SSRF).

Next, we’ll counter these with battle-tested strategies to defend against each of them. Every module is packed with hands-on labs that you’ll do alongside the trainer. This ensures you get practical experience dealing with real-world vulnerabilities as you’re learning about them.

At the end of this course, you’ll come away with a comprehensive understanding of some of the most commonly occurring vulnerabilities that affect applications today. You’ll be able to take everything you’ve learned about Injection vulnerabilities, XXE, and Insecure Deserialization and implement it in a modern development environment.

You might also like these courses

Or explore these Learning Paths

Labs

Understanding SQL Injection

Defending against SQL Injection

Server-Side Template Injection against NodeJS apps

Attack & Defense - XXE

Attack & Defense - Insecure Deserialization

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Our Newsletter
Get Started
X
X
Copyright AppSecEngineer © 2025