In this chapter, we will cover the following recipes:

• Performing XML External Entity (XXE) attacks
• Working with JSON Web Token (JWT)
• Using Burp Collaborator to determine Server-Side Request Forgery (SSRF)
• Testing Cross-Origin Resource Sharing (CORS)
• Performing Java deserialization attacks