StefanMichielse / generate_xxe_payloads
This tool is just after the first refactoring pushed. Original is from Will Vandevanter (BuffaloWill). Only rearrange the code which will eventually make it easier to maintain and add new payloads.
☆32Updated 8 years ago
Related projects ⓘ
Alternatives and complementary repositories for generate_xxe_payloads
- List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.☆81Updated 6 years ago
- Burp Bounty profiles☆82Updated 2 years ago
- Authenticated SSRF in Grafana☆77Updated 4 months ago
- Jsdir is a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.☆118Updated 4 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆86Updated 5 years ago
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆109Updated 5 years ago
- jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.☆149Updated 3 years ago
- ☆54Updated 2 years ago
- This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.☆75Updated 4 years ago
- SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist☆29Updated 4 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This …☆60Updated 2 years ago
- ExtractSubdomainFromFDNS, updating☆33Updated 5 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆174Updated 4 years ago
- J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…☆72Updated 3 years ago
- Atlassian JIRA Template injection vulnerability RCE☆93Updated 5 years ago
- A Python script to parse net blocks & domain names from SPF record☆82Updated 4 years ago
- Broken Link Hijacking Burp Extension☆55Updated 5 years ago
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆104Updated 4 years ago
- ☆38Updated 5 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆62Updated 3 years ago
- Simple "postMessage logger" Chrome extension☆92Updated 4 years ago
- URL Screenshot Utility☆27Updated last year
- ☆36Updated 4 years ago
- Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages☆43Updated 3 years ago
- Expand urls into one url for each path depth☆32Updated 4 years ago
- Public Disclosures☆88Updated 2 years ago
- ☆128Updated 3 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆105Updated 2 years ago