Workshop given at Hack in Paris 2019
☆126Jun 8, 2023Updated 2 years ago
Alternatives and similar repositories for xxe-workshop
Users that are interested in xxe-workshop are comparing it to the libraries listed below
Sorting:
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆127Jan 10, 2023Updated 3 years ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- Scripts and misc. stuff related to the PortSwigger Web Academy☆17Feb 6, 2022Updated 4 years ago
- Material from presentations done by GoSecure researchers☆34Oct 10, 2023Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆651Feb 21, 2024Updated 2 years ago
- Minimalist cheat sheet for developpers to write secure code☆54Jul 17, 2020Updated 5 years ago
- ☆11Jan 24, 2023Updated 3 years ago
- An easy to navigate list of unicode characters that have risky transformations 💥☆25Mar 22, 2022Updated 3 years ago
- ☆20Jan 24, 2022Updated 4 years ago
- Compiled dataset of Java deserialization CVEs☆60Aug 31, 2020Updated 5 years ago
- CVE-2022-32119 - Arox-Unrestricted-File-Upload☆17Dec 20, 2023Updated 2 years ago
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 2 years ago
- Exploit scripts☆12Apr 10, 2022Updated 3 years ago
- ☆105Oct 18, 2020Updated 5 years ago
- GetSimple CMS Custom JS Plugin Exploit RCE Chain☆11Mar 8, 2023Updated 3 years ago
- ☆563Mar 27, 2025Updated 11 months ago
- ☆29Jan 10, 2023Updated 3 years ago
- Custom scripts for the PIPER Burp extensions.☆97Sep 24, 2023Updated 2 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆957Dec 31, 2021Updated 4 years ago
- ☆695Jul 4, 2022Updated 3 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆356Oct 14, 2020Updated 5 years ago
- ☆148Dec 23, 2022Updated 3 years ago
- Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practis…☆1,677May 24, 2025Updated 9 months ago
- ☆12Mar 31, 2021Updated 4 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- Burp Suite Extensions☆12Oct 19, 2021Updated 4 years ago
- xss development frameworks, with the goal of making payload writing easier.☆154Aug 7, 2024Updated last year
- Exploit for CVE-2021-3129☆284Jan 29, 2021Updated 5 years ago
- A Burp extension to show the Collaborator client in a tab☆24Dec 23, 2022Updated 3 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆112Mar 22, 2024Updated last year
- A XSS mind map ;)☆57Jan 16, 2016Updated 10 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆56Nov 20, 2024Updated last year
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities☆93Jun 11, 2023Updated 2 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- ☆705Nov 27, 2024Updated last year
- ☆21Dec 15, 2020Updated 5 years ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆779Aug 19, 2024Updated last year
- CVE, reports, research☆15Mar 17, 2021Updated 5 years ago
