This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.
☆112Mar 22, 2024Updated 2 years ago
Alternatives and similar repositories for XXE-study
Users that are interested in XXE-study are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Wordlists for Bug Bounty☆23Aug 18, 2019Updated 6 years ago
- A simple web app with a XXE vulnerability.☆232Nov 10, 2021Updated 4 years ago
- Springboot detection☆23Nov 8, 2021Updated 4 years ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆60Mar 2, 2022Updated 4 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Tools for Attacking Pleasant Password Server☆23Sep 19, 2023Updated 2 years ago
- Adobe Experience Manager Vulnerability Scanner☆186May 22, 2023Updated 2 years ago
- Masscanner for Laravel phpunit RCE CVE-2017-9841☆23Aug 10, 2021Updated 4 years ago
- ☆12Feb 18, 2022Updated 4 years ago
- ☆44Dec 1, 2021Updated 4 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆653Feb 21, 2024Updated 2 years ago
- WebSocket Connection Smuggler☆47Sep 30, 2022Updated 3 years ago
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests a…☆352Jun 13, 2021Updated 4 years ago
- You can read the writeup on this script here☆274Jul 12, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Workshop given at Hack in Paris 2019☆126Jun 8, 2023Updated 2 years ago
- Web cache poisoning vulnerability scanner.☆74May 5, 2022Updated 3 years ago
- A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bul…☆98Jul 10, 2021Updated 4 years ago
- bounty collection☆42Sep 1, 2024Updated last year
- Automated blind-xss search for Burp Suite☆22Mar 28, 2022Updated 3 years ago
- This extension replaces the default repeater tab name with the URL path of the repeater request.☆24Sep 3, 2021Updated 4 years ago
- Burpsuite plugin for Interact.sh☆232Jun 26, 2024Updated last year
- Tips For Bug Bounty Hunters☆86Jul 16, 2022Updated 3 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Feb 12, 2022Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Remove duplicate URLs by retaining only the unique combinations of hostname, path, and parameter names☆39May 5, 2024Updated last year
- GoWC - Wildcard cleaner for MassDNS☆24Jun 10, 2022Updated 3 years ago
- This could have been a bash one-liner but guess what. It's a small Go tool that lists the trending CVEs from cvetrends.com☆106Aug 6, 2022Updated 3 years ago
- ☆104Oct 18, 2020Updated 5 years ago
- Domains belonging to the most reputed public bug bounty programs. [NOT FOR NON-MONETARY OR PRIVATE PROGRAMS]☆224Aug 29, 2024Updated last year
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Sep 22, 2024Updated last year
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- 🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline☆56Nov 24, 2024Updated last year
- ☆809Jul 28, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆183Nov 22, 2021Updated 4 years ago
- Test the speed and reliability of a list of DNS servers☆22Dec 9, 2020Updated 5 years ago
- IIS shortname scanner written in Go☆355Mar 25, 2023Updated 3 years ago
- bug bounty disclosed reports☆123Feb 2, 2025Updated last year
- ☆95Sep 18, 2021Updated 4 years ago
- A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.☆19Jan 3, 2019Updated 7 years ago
- Resolvers updated daily for reconftw☆48Feb 7, 2023Updated 3 years ago