xxe-injection
There are 29 repositories under xxe-injection topic.
payloadbox/xxe-injection-payload-list
🎯 XML External Entity (XXE) Injection Payload List
TheTwitchy/xxer
A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
whitel1st/docem
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
YalcinYolalan/WSSAT
WEB SERVICE SECURITY ASSESSMENT TOOL
dragonked2/Egyscan
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
HLOverflow/XXE-study
This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.
kljunowsky/XXElixir
This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
deanf1/dotnet-security-unit-tests
A web application that contains several unit tests for the purpose of .NET security
samuel-knutson/dotnet-xxe-learning-tests
Quick tests to evaluate the safety of various .NET XML Parsers with respect to XXE injection
hannoch/python-xxe
Python XXE 漏洞复现 flask作为后台
SVelizDonoso/xvwa
XVWA es una aplicación Web mal Desarrollada en PHP / MySQL que ayuda a los entusiastas de la seguridad a aprender la seguridad de las aplicaciones WEB. No es recomendable alojar esta aplicación en línea, ya que está diseñada para ser "Extremadamente Vulnerable". Recomendamos alojar esta aplicación en un entorno local/controlado. El fin es que puedas agudizar tus habilidades de seguridad, ya que este proyecto es totalmente legal romperlo o piratearlo. La idea es evangelizar la seguridad de las aplicaciones web para la comunidad de la forma más fácil posible. Por favor Aprende y adquiere estas habilidades para un buen propósito.
FrancescoDiSalesGithub/XXE-gen
XXE vulnerability creator
shinmao/SecurityLearning
For Web Security
LinuxUser255/Web-Security-Academy-Series
Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.
devrohaan/kick-off-OWASP_WebApp_Security_Vulnerabilities
Want to keep your Web application from getting hacked? Here's how to get serious about secure apps. So let's do it! Open Friday, Aug 2016 - Presentation Notes.
no1se2/WebSec-Toolkit-By-no1se
A collection of security tools for pentersion testing
cyberintruder/XXE-POC
XXE POC
M3l0nPan/wordpress-cve-2021-29447
Exploit WordPress Media Library XML External Entity Injection (XXE) to exfiltrate files.
TheWation/XXESandbox
The PHP sandbox environment is a Docker-based tool for testing XML processing code, with XXE vulnerabilities demonstrated and security considerations explained.
mrnazu/TryHackMe-CTF-s
Capture the Flag (CTF) is a cybersecurity competition that is used as a test of security skills.
qeeqbox/xxe-injection
A threat actor may interfere with an application's processing of extensible markup language (XML) data to view the content of a target's files
anasbousselham/owlscan
Web Vulnerability Scanner
keven1z/ProtectAgent
一个JAVA agent来防止XXE、s2-032等攻击
markgacoka/injector
A web app for injecting code into different file types.
northfine/Easy-Ftpserver-By-Python
ftpserver Tool
omurugur/Oracle_CTF_Web_XML_Entity_Exploit
Oracle CTF Web XML Entity Exploit
Cappricio-Securities/CVE-2018-8033
Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection)
Wh1t3Fox/xxe.page
XXE Testing Page