Workshop given at Hack in Paris 2019
☆126Jun 8, 2023Updated 2 years ago
Alternatives and similar repositories for xxe-workshop
Users that are interested in xxe-workshop are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆129Jan 10, 2023Updated 3 years ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- Scripts and misc. stuff related to the PortSwigger Web Academy☆17Feb 6, 2022Updated 4 years ago
- Material from presentations done by GoSecure researchers☆34Oct 10, 2023Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆659Feb 21, 2024Updated 2 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Minimalist cheat sheet for developpers to write secure code☆54Jul 17, 2020Updated 5 years ago
- ☆11Jan 24, 2023Updated 3 years ago
- An easy to navigate list of unicode characters that have risky transformations 💥☆24Mar 22, 2022Updated 4 years ago
- ☆19Jan 24, 2022Updated 4 years ago
- Compiled dataset of Java deserialization CVEs☆60Aug 31, 2020Updated 5 years ago
- CVE-2022-32119 - Arox-Unrestricted-File-Upload☆17Dec 20, 2023Updated 2 years ago
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 2 years ago
- Exploit scripts☆12Apr 10, 2022Updated 4 years ago
- ☆105Oct 18, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- GetSimple CMS Custom JS Plugin Exploit RCE Chain☆11Mar 8, 2023Updated 3 years ago
- ☆563Mar 27, 2025Updated last year
- ☆28Jan 10, 2023Updated 3 years ago
- Custom scripts for the PIPER Burp extensions.☆97Sep 24, 2023Updated 2 years ago
- ☆698Jul 4, 2022Updated 3 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆974Dec 31, 2021Updated 4 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆355Oct 14, 2020Updated 5 years ago
- Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practis…☆1,682May 24, 2025Updated 11 months ago
- ☆148Dec 23, 2022Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆12Mar 31, 2021Updated 5 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆347Nov 20, 2022Updated 3 years ago
- Burp Suite Extensions☆12Oct 19, 2021Updated 4 years ago
- xss development frameworks, with the goal of making payload writing easier.☆159Aug 7, 2024Updated last year
- Exploit for CVE-2021-3129☆289Jan 29, 2021Updated 5 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆339Aug 23, 2019Updated 6 years ago
- A Burp extension to show the Collaborator client in a tab☆24Dec 23, 2022Updated 3 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆113Mar 22, 2024Updated 2 years ago
- A XSS mind map ;)☆55Jan 16, 2016Updated 10 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Burp Extension for a passive scanning JS files for endpoint links.☆56Nov 20, 2024Updated last year
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities☆93Jun 11, 2023Updated 2 years ago
- ☆705Nov 27, 2024Updated last year
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆519Jul 29, 2020Updated 5 years ago
- ☆21Dec 15, 2020Updated 5 years ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆782Aug 19, 2024Updated last year
- CVE, reports, research☆15Mar 17, 2021Updated 5 years ago
