xxe

Here are 28 public repositories matching this topic...

blaCCkHatHacEEkr / PENTESTING-BIBLE

Star

Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.

Updated May 12, 2020

tom0li / collection-document

Star

Collection of quality safety articles

github java dns security list research web hacking waf xss bug-bounty src pentest hacker acknowledgments fuzz sec ruby-programs xxe websec redteam bounty-hunters quality-safety-articles

Updated Apr 28, 2020

JoyChou93 / java-sec-code

Star

Java web common vulnerabilities and security code which is base on springboot and spring security

java cors security benchmark web code tomcat jsonp rmi rce deserialize sqli ssrf xxe spel

Updated May 15, 2020
Java

zer0yu / Berserker

Star

A list of useful payloads for Web Application Security and Pentest/CTF

scanner xss web-application sqli fuzzing ctf pentest intruder xxe

Updated Aug 30, 2019
HTML

JoyChou93 / sks

Star

Security Knowledge Structure(安全知识汇总)

python java php security waf deserialize webshell nginx-lua xxe

Updated Oct 12, 2018

reddelexc / hackerone-reports

Star

Top disclosed reports from HackerOne

xss rce reports sql-injection csrf writeups bugbounty ssrf hackerone xxe idor

Updated May 12, 2020
Python

payloadbox / xxe-injection-payload-list

Star

🎯 XML External Entity (XXE) Injection Payload List

xml hacking cybersecurity bug-bounty infosec bugbounty information-security payload payloads cyber-security websecurity web-application-security xxe xxe-injection websecurity-reference xxe-payloads xxe-example xml-entity xxe-payload xxe-payload-list

Updated Jan 6, 2020

luisfontes19 / xxexploiter

Star

Tool to help exploit XXE vulnerabilities

cdata exploit command xml read file entities external exploitation expect dtd xee ssrf xxe oob exection

Updated May 14, 2020
TypeScript

k8gege / ZimbraExploit

Star

Zimbra邮件系统漏洞 XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)

exploit upload poc rce zimbra ssrf 0day xxe getshell k8cscan cve-2019-9621

Updated May 8, 2019
Ruby

ptonewreckin / BlindRef

Star

BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework

python blind-xxe xxe

Updated Mar 14, 2017
Python

giteshnxtlvl / YourNextBugTip

Star

Collection of Twitter Bug Bounty Tips and Tricks

security twitter bug hacking xss enumeration vulnerability csrf bugbounty pentest bypass ssrf sqlinjection xxe bugbountytips bugbountytricks twitter-tips hacking-tips yournextbugtip

Updated Apr 20, 2020

deanf1 / dotnet-security-unit-tests

Star

A web application that contains several unit tests for the purpose of .NET security

microsoft security csharp dotnet injection owasp xpath xquery nhibernate xxe xxe-injection

Updated Oct 5, 2017
C#

kmille / pentest-wiki

Star

pwnig all the (web)things

php web reverse-shell xss code-review sql-injection ld-preload xxe file-inclusion template-injection file-uplaod

Updated Apr 20, 2020
PHP

jamieparfet / Apache-OFBiz-XXE

Star

XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04

exploit apache xxe ofbiz cve-2018-8033

Updated Oct 16, 2018
Python

OlivierLaflamme / Auditing-Vulnerabilities

Star

In this repository I'll host my research and methodologies for auditing vulnerabilities

http waf csrf crlf ssrf xxe smuggling auditing-vulnerabilities

Updated Jan 7, 2020
PHP

mprechtl / information-leakage

Star

A service which is vulnerable to XML External Entity (XXE) attacks.

javaee resteasy server-status xxe xxe-example information-leakage

Updated Nov 11, 2018
Java

FOGSEC / Mobile-Security-Framework-MobSF

Star

Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.

Updated Jan 2, 2018
Python

FOGSEC / awesome-web-security

Star

🐶 A curated list of Web Security materials and resources.

shell aws csv sql orm ftp css-animations web-app xss web-application recon modsecurity ssrf web-application-security xxe command-injection sub-domain-enumeration header-injection

Updated Jan 2, 2018

ziizhuwy / ProtectAgent

Star

一个JAVA agent来防止XXE、s2-032等攻击

java agent xxe xxe-injection s2-032 s2-037

Updated Apr 21, 2020
Java

samuel-knutson / dotnet-xxe-learning-tests

Star

Quick tests to evaluate the safety of various .NET XML Parsers with respect to XXE injection

security csharp dotnet xml dotnet-core xxe xxe-injection

Updated Apr 8, 2020
C#

mrpinghe / xxe-file-enum

Star

Enumerate and exfiltrate files via out of band XXE, for situations where resolved entity is not displayed in the response, and directory listing is not available.

file enumeration pentest exfiltration xxe