xxe
There are 6 repositories under xxe topic.
reddelexc / hackerone-reports
Top disclosed reports from HackerOne
Language:Python 3279JoyChou93 / java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
Language:Java 2279payloadbox / xxe-injection-payload-list
🎯 XML External Entity (XXE) Injection Payload List
GoSecure / dtd-finder
List DTDs and generate XXE payloads using those local DTDs.
Language:Kotlin 584- xxexploiter
luisfontes19 / xxexploiter
Tool to help exploit XXE vulnerabilities
Language:TypeScript 525 Li4n0 / revsuit
RevSuit is a flexible and powerful reverse connection platform designed for receiving connection from target host in penetration.
Language:Go 490whitel1st / docem
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
Language:Python 477- Language:Go 469
- Language:Python 282
HLOverflow / XXE-study
This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.
Language:PHP 94k8gege / ZimbraExploit
Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)
Language:Ruby 74kljunowsky / XXElixir
This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
Language:Python 62ztgrace / mole
Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.
Language:Python 57cokeBeer / go-sec-code
Go-sec-code is a project for learning Go vulnerability code.
Language:Go 33deanf1 / dotnet-security-unit-tests
A web application that contains several unit tests for the purpose of .NET security
Language:C# 30OlivierLaflamme / Auditing-Vulnerabilities
In this repository I'll host my research and methodologies for auditing vulnerabilities
Language:PHP 29yuriisanin / svg2raster-cheatsheet
A cheatsheet for exploiting server-side SVG rasterization.
ptonewreckin / BlindRef
BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework
Language:Python 26kmille / pentest-wiki
pwnig all the (web)things
Language:PHP 19- Language:Java 16
jamieparfet / Apache-OFBiz-XXE
XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04
Language:Python 15AhmedAyman1196 / AymanSecNotes
This repository contains all my notes. Feel free to use them, share them or modify them.
omurugur / XXE_Payload_List
XML External Entity Vulnerability Payload List
samuel-knutson / dotnet-xxe-learning-tests
Quick tests to evaluate the safety of various .NET XML Parsers with respect to XXE injection
Language:C# 8hannoch / python-xxe
Python XXE 漏洞复现 flask作为后台
Language:CSS 7FOGSEC / awesome-web-security
🐶 A curated list of Web Security materials and resources.
FrancescoDiSalesGithub / XXE-gen
XXE vulnerability creator
Language:Python 6oppsec / arbimz
🔥 Arbimz is a python tool created to exploit the vulnerability on Zimbra assigned as CVE-2019-9670.
Language:Python 5no1se2 / WebSec-Toolkit-By-no1se
A collection of security tools for pentersion testing
Language:Python 4- Language:Go 3
holmes-py / reports-summary
A sensible no bullshit repo of summaries of reports on hackerone, bugcrowd and alike, that makes straight up sense and make it easy to repeat and automate. This is supposed to serve as my personal reference, but should be a good public index reference for like minded.
M3l0nPan / wordpress-cve-2021-29447
Exploit WordPress Media Library XML External Entity Injection (XXE) to exfiltrate files.
Language:Python 3mprechtl / information-leakage
A service which is vulnerable to XML External Entity (XXE) attacks.
Language:Java 3TheWation / XXESandbox
The PHP sandbox environment is a Docker-based tool for testing XML processing code, with XXE vulnerabilities demonstrated and security considerations explained.
Language:PHP 3
