xxe

Here are 38 public repositories matching this topic...

blaCCkHatHacEEkr / PENTESTING-BIBLE

Star

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

Updated Apr 14, 2021

JoyChou93 / java-sec-code

Star

Java web common vulnerabilities and security code which is base on springboot and spring security

java cors security benchmark web code tomcat jsonp rmi rce deserialize sqli ssrf xxe spel

Updated Jun 4, 2021
Java

reddelexc / hackerone-reports

Star

Top disclosed reports from HackerOne

xss rce reports sql-injection csrf writeups bugbounty ssrf hackerone xxe idor

Updated Apr 15, 2021
Python

GoSecure / dtd-finder

Star

List DTDs and generate XXE payloads using those local DTDs.

security hacktoberfest dtd xxe

Updated May 10, 2021
Kotlin

payloadbox / xxe-injection-payload-list

Star

🎯 XML External Entity (XXE) Injection Payload List

Updated Jan 6, 2020

luisfontes19 / xxexploiter

Star

Tool to help exploit XXE vulnerabilities

cdata exploit command xml read file entities external exploitation expect dtd xee ssrf xxe oob exection

Updated Jun 11, 2021
TypeScript

zer0yu / Berserker

Star

A list of useful payloads for Web Application Security and Pentest/CTF

scanner xss web-application sqli fuzzing ctf pentest intruder xxe

Updated Jul 8, 2021
Python

JoyChou93 / sks

Star

Security Knowledge Structure(安全知识汇总)

python java php security waf deserialize webshell nginx-lua xxe

Updated Oct 12, 2018

chennqqi / godnslog

Star

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

xss rce vulnerability ssrf rfi xxe dnslog webscan

Updated Feb 20, 2021
Go

Li4n0 / revsuit

Star

RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.

xss rce bug-bounty ssrf xxe pentest-tool reverse-connection

Updated Jul 24, 2021
Go

k8gege / ZimbraExploit

Star

Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)

exploit upload poc rce zimbra ssrf 0day xxe getshell k8cscan cve-2019-9621

Updated May 8, 2019
Ruby

ztgrace / mole

Star

Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.

python xss penetration-testing infosec appsec security-tools burp-extensions xxe oob

Updated Aug 6, 2020
Python

This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.

xxe xxe-injection php-xxe-demo python-xxe-demo java-xxe-demo xxe-example xml-entity xml-entity-expansion xxe-labs xxe-study external-entities

Updated Jun 12, 2021
PHP

ptonewreckin / BlindRef

Star

BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework

python blind-xxe xxe

Updated Mar 14, 2017
Python

deanf1 / dotnet-security-unit-tests

Star

A web application that contains several unit tests for the purpose of .NET security

microsoft security csharp dotnet injection owasp xpath xquery nhibernate xxe xxe-injection

Updated Oct 5, 2017
C#

OlivierLaflamme / Auditing-Vulnerabilities

Star

In this repository I'll host my research and methodologies for auditing vulnerabilities

http waf csrf crlf ssrf xxe smuggling auditing-vulnerabilities

Updated Jan 7, 2020
PHP

kmille / pentest-wiki

Star

pwnig all the (web)things

php web reverse-shell xss code-review sql-injection ld-preload xxe file-inclusion template-injection file-uplaod

Updated Nov 21, 2020
PHP

jamieparfet / Apache-OFBiz-XXE

Star

XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04

exploit apache xxe ofbiz cve-2018-8033

Updated Oct 16, 2018
Python

h0nus / MyPayloads

Star

Just a useless set of payload created by me. Saved here for remembrance.

list web custom xss rce sqli vulnerabilities payload lfi rfi own xxe

Updated Jan 24, 2021

hannoch / python-xxe

Star

Python XXE 漏洞复现 flask作为后台

python flask flask-application xxe xxe-injection xxe-payloads python-xxe

Updated Mar 31, 2021
CSS

FOGSEC / awesome-web-security

Star

🐶 A curated list of Web Security materials and resources.

shell aws csv sql orm ftp css-animations web-app xss web-application recon modsecurity ssrf web-application-security xxe command-injection sub-domain-enumeration header-injection

Updated Jan 2, 2018

AhmedAyman1196 / AymanSecNotes

Star

This repository contains all my notes. Feel free to use them, share them or modify them.

Updated Aug 31, 2020

keven1z / XXEDemo

Star

收集了java XXE漏洞的demo及修复方式

xxe

Updated Mar 26, 2020
Java

samuel-knutson / dotnet-xxe-learning-tests

Star

Quick tests to evaluate the safety of various .NET XML Parsers with respect to XXE injection

security csharp dotnet xml dotnet-core xxe xxe-injection

Updated Apr 8, 2020
C#

omurugur / XXE_Payload_List

Star

XML External Entity Vulnerability Payload List

parser attack xml uri injection entity vulnerability exploitation xml-document vulnerability-detection impacts identifier vulnerability-scanners xxe xml-processor tainted-data

Updated Feb 23, 2021

FOGSEC / Mobile-Security-Framework-MobSF

Star

Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.

Updated Jan 2, 2018
Python

mprechtl / information-leakage

Star

A service which is vulnerable to XML External Entity (XXE) attacks.

javaee resteasy server-status xxe xxe-example information-leakage

Updated Nov 11, 2018
Java

nav7neeet / Vulnerable-Web-App

Star

Vulnerable Web Application

xss sql-injection csrf xxe

Updated Mar 3, 2021
Java

warder-io / xxe-generator

Star

A simple XXE generator.

infosec bugbounty websecurity xxe xxe-payloads xxe-example

Updated Jul 15, 2021
JavaScript

keven1z / ProtectAgent

Star

一个JAVA agent来防止XXE、s2-032等攻击

java agent xxe xxe-injection s2-032 s2-037

Updated Apr 21, 2020
Java

Improve this page

Add a description, image, and links to the xxe topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the xxe topic, visit your repo's landing page and select "manage topics."

Learn more

Dec	JUL	Jun
	26
2020	2021	2023

xxe

Here are 38 public repositories matching this topic...

blaCCkHatHacEEkr / PENTESTING-BIBLE

JoyChou93 / java-sec-code

reddelexc / hackerone-reports

GoSecure / dtd-finder

payloadbox / xxe-injection-payload-list

luisfontes19 / xxexploiter

zer0yu / Berserker

JoyChou93 / sks

chennqqi / godnslog

Li4n0 / revsuit

k8gege / ZimbraExploit

ztgrace / mole

HLOverflow / XXE-study

ptonewreckin / BlindRef

deanf1 / dotnet-security-unit-tests

OlivierLaflamme / Auditing-Vulnerabilities

kmille / pentest-wiki

jamieparfet / Apache-OFBiz-XXE

h0nus / MyPayloads

hannoch / python-xxe

FOGSEC / awesome-web-security

AhmedAyman1196 / AymanSecNotes

keven1z / XXEDemo

samuel-knutson / dotnet-xxe-learning-tests

omurugur / XXE_Payload_List

FOGSEC / Mobile-Security-Framework-MobSF

mprechtl / information-leakage

nav7neeet / Vulnerable-Web-App

warder-io / xxe-generator

keven1z / ProtectAgent

Improve this page

Add this topic to your repo