xxe-injection

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

Updated Nov 6, 2024
Python

HLOverflow / XXE-study

Star

This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.

xxe xxe-injection php-xxe-demo python-xxe-demo java-xxe-demo xxe-example xml-entity xml-entity-expansion xxe-labs xxe-study external-entities

Updated Mar 22, 2024
PHP

kljunowsky / XXElixir

Star

This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.

security web hack exploit file-upload owasp penetration-testing penetration bugbounty xxe xxe-injection penetration-testing-tools bug-bounty-hunters file-upload-vulnerability bug-bounty-tools xxe-attack

Updated Dec 29, 2023
Python

deanf1 / dotnet-security-unit-tests

Star

A web application that contains several unit tests for the purpose of .NET security

microsoft security csharp dotnet injection owasp xpath xquery nhibernate xxe xxe-injection

Updated Oct 5, 2017
C#

samuel-knutson / dotnet-xxe-learning-tests

Star

Quick tests to evaluate the safety of various .NET XML Parsers with respect to XXE injection

security csharp dotnet xml dotnet-core xxe xxe-injection

Updated Apr 8, 2020
C#

hannoch / python-xxe

Star

Python XXE 漏洞复现 flask作为后台

python flask flask-application xxe xxe-injection xxe-payloads python-xxe

Updated Jul 6, 2022
CSS

SVelizDonoso / xvwa

Star

XVWA es una aplicación Web mal Desarrollada en PHP / MySQL que ayuda a los entusiastas de la seguridad a aprender la seguridad de las aplicaciones WEB. No es recomendable alojar esta aplicación en línea, ya que está diseñada para ser "Extremadamente Vulnerable". Recomendamos alojar esta aplicación en un entorno local/controlado. El fin es que pu…

mysql php hacking xss csrf hacker xxe-injection vulnerabilidades sqlinyection

Updated Feb 2, 2018
JavaScript

FrancescoDiSalesGithub / XXE-gen

Star

XXE vulnerability creator

python3 pentesting xxe pentest-tool xxe-injection python-hacking xxe-payloads python-hacking-tools

Updated Nov 21, 2021
Python

shinmao / SecurityLearning

Star

For Web Security

xss sql-injection ssrf cmd-injection-vulns xxe-injection lfi-exploitation unserialization

Updated Jul 7, 2022
JavaScript

LinuxUser255 / Web-Security-Academy-Series

Star

Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.

authentication python3 webapp exploits fileupload business-logic xss-exploitation clickjacking pentest-scripts burpsuite command-injection csrf-attacks xxe-injection information-disclosure portswigger ssrf-tool portswigger-labs webapppentesting webapphacking

Updated Nov 5, 2024
Python

devrohaan / kick-off-OWASP_WebApp_Security_Vulnerabilities

Star

Want to keep your Web application from getting hacked? Here's how to get serious about secure apps. So let's do it! Open Friday, Aug 2016 - Presentation Notes.

injection owasp html-injection sql-injection xss-vulnerability vulnerabilities owasp-top-10 xxe-injection xxe-example os-injection crlf-injection

Updated Sep 30, 2018

M3l0nPan / wordpress-cve-2021-29447

Star

Exploit WordPress Media Library XML External Entity Injection (XXE) to exfiltrate files.

python wordpress exploit xxe xxe-injection cve-2021-29447

Updated Nov 11, 2022
Python

no1se2 / WebSec-Toolkit-By-no1se

Star

A collection of security tools for pentersion testing

xss xss-vulnerability xss-exploitation xss-detection xss-attacks sqlinjection xxe xxe-injection xxe-payloads xxe-attack

Updated Apr 23, 2023
Python

cyberintruder / XXE-POC

Star

XXE POC

penetration-testing xxe-injection

Updated Aug 13, 2017
PHP

TheWation / XXESandbox

Star

The PHP sandbox environment is a Docker-based tool for testing XML processing code, with XXE vulnerabilities demonstrated and security considerations explained.

xxe xxe-injection xxe-example

Updated Jun 7, 2023
PHP

mrnazu / TryHackMe-CTF-s

Star

Capture the Flag (CTF) is a cybersecurity competition that is used as a test of security skills.

ctf-writeups rce csrf xss-vulnerability recon bugbounty burpsuite sqlinjection xxe-injection webhacking openredirect idor tryhackme

Updated Nov 21, 2022
Perl

Improve this page

Add a description, image, and links to the xxe-injection topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the xxe-injection topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

xxe-injection

Here are 34 public repositories matching this topic...

payloadbox / xxe-injection-payload-list

whitel1st / docem

TheTwitchy / xxer

YalcinYolalan / WSSAT

dragonked2 / Egyscan

HLOverflow / XXE-study

kljunowsky / XXElixir

deanf1 / dotnet-security-unit-tests

samuel-knutson / dotnet-xxe-learning-tests

hannoch / python-xxe

SVelizDonoso / xvwa

FrancescoDiSalesGithub / XXE-gen

shinmao / SecurityLearning

LinuxUser255 / Web-Security-Academy-Series

devrohaan / kick-off-OWASP_WebApp_Security_Vulnerabilities

M3l0nPan / wordpress-cve-2021-29447

no1se2 / WebSec-Toolkit-By-no1se

cyberintruder / XXE-POC

TheWation / XXESandbox

mrnazu / TryHackMe-CTF-s

Improve this page

Add this topic to your repo