Here are
41 public repositories
matching this topic...
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Java web common vulnerabilities and security code which is base on springboot and spring security
Updated
Jun 17, 2022
Java
Top disclosed reports from HackerOne
Updated
May 21, 2022
Python
🎯 XML External Entity (XXE) Injection Payload List
List DTDs and generate XXE payloads using those local DTDs.
Updated
Sep 22, 2021
Kotlin
Tool to help exploit XXE vulnerabilities
Updated
Jun 1, 2022
TypeScript
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
A list of useful payloads for Web Application Security and Pentest/CTF
Updated
Nov 25, 2021
Python
Security Knowledge Structure(安全知识汇总)
Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)
Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.
Updated
Aug 6, 2020
Python
This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.
BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework
Updated
Mar 14, 2017
Python
A web application that contains several unit tests for the purpose of .NET security
In this repository I'll host my research and methodologies for auditing vulnerabilities
Just a useless set of payload created by me. Saved here for remembrance.
pwnig all the (web)things
XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04
Updated
Oct 16, 2018
Python
A cheatsheet for exploiting server-side SVG rasterization.
This repository contains all my notes. Feel free to use them, share them or modify them.
🐶 A curated list of Web Security materials and resources.
Quick tests to evaluate the safety of various .NET XML Parsers with respect to XXE injection
Python XXE 漏洞复现 flask作为后台
Enumerate and exfiltrate files via out of band XXE, for situations where resolved entity is not displayed in the response, and directory listing is not available.
Updated
Apr 4, 2018
JavaScript
XML External Entity Vulnerability Payload List
Updated
Mar 26, 2020
Java
Go-sec-code is a project for learning Go vulnerability code.
A service which is vulnerable to XML External Entity (XXE) attacks.
Updated
Nov 11, 2018
Java
Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.
Updated
Jan 2, 2018
Python
Improve this page
Add a description, image, and links to the
xxe
topic page so that developers can more easily learn about it.
Curate this topic
Add this topic to your repo
To associate your repository with the
xxe
topic, visit your repo's landing page and select "manage topics."
Learn more
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.
You signed out in another tab or window. Reload to refresh your session.