xxe-injection

Here are 16 public repositories matching this topic...

payloadbox / xxe-injection-payload-list

🎯 XML External Entity (XXE) Injection Payload List

xml hacking cybersecurity bug-bounty infosec bugbounty information-security payload payloads cyber-security websecurity web-application-security xxe xxe-injection websecurity-reference xxe-payloads xxe-example xml-entity xxe-payload xxe-payload-list

Updated Jan 6, 2020

TheTwitchy / xxer

Star

A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.

python callback xxe-injection

Updated Jul 29, 2020
Python

YalcinYolalan / WSSAT

Star

WEB SERVICE SECURITY ASSESSMENT TOOL

scanner static-analysis xss vulnerabilities soap-web-services web-service security-tools sqlinjection rest-api-test xxe-injection information-disclosure dynamic-testing xml-bomb web-service-test web-service-scanner rest-api-scanner

Updated Sep 24, 2021
C#

This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.

xxe xxe-injection php-xxe-demo python-xxe-demo java-xxe-demo xxe-example xml-entity xml-entity-expansion xxe-labs xxe-study external-entities

Updated Jun 12, 2021
PHP

deanf1 / dotnet-security-unit-tests

Star

A web application that contains several unit tests for the purpose of .NET security

microsoft security csharp dotnet injection owasp xpath xquery nhibernate xxe xxe-injection

Updated Oct 5, 2017
C#

SVelizDonoso / xvwa

Star

XVWA es una aplicación Web mal Desarrollada en PHP / MySQL que ayuda a los entusiastas de la seguridad a aprender la seguridad de las aplicaciones WEB. No es recomendable alojar esta aplicación en línea, ya que está diseñada para ser "Extremadamente Vulnerable". Recomendamos alojar esta aplicación en un entorno local/controlado. El fin es que puedas agudizar tus habilidades de seguridad, ya que este proyecto es totalmente legal romperlo o piratearlo. La idea es evangelizar la seguridad de las aplicaciones web para la comunidad de la forma más fácil posible. Por favor Aprende y adquiere estas habilidades para un buen propósito.

mysql php hacking xss csrf hacker xxe-injection vulnerabilidades sqlinyection

Updated Feb 2, 2018
JavaScript

samuel-knutson / dotnet-xxe-learning-tests

Star

Quick tests to evaluate the safety of various .NET XML Parsers with respect to XXE injection

security csharp dotnet xml dotnet-core xxe xxe-injection

Updated Apr 8, 2020
C#

hannoch / python-xxe

Star

Python XXE 漏洞复现 flask作为后台

python flask flask-application xxe xxe-injection xxe-payloads python-xxe

Updated Dec 13, 2021
CSS

shinmao / SecurityLearning

Star

For Web Security

xss sql-injection ssrf cmd-injection-vulns xxe-injection lfi-exploitation unserialization

Updated Jan 28, 2021
JavaScript

devrohaan / kick-off-OWASP_WebApp_Security_Vulnerabilities

Star

Want to keep your Web application from getting hacked? Here's how to get serious about secure apps. So let's do it! Open Friday, Aug 2016 - Presentation Notes.