A server vulnerable to XXE that can be used to test payloads using the xxer tool.
☆26Mar 29, 2018Updated 7 years ago
Alternatives and similar repositories for vulnd_xxe
Users that are interested in vulnd_xxe are comparing it to the libraries listed below
Sorting:
- little scripts of bash stuff that i've found handy.☆16Feb 2, 2019Updated 7 years ago
- Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021☆16Jan 3, 2022Updated 4 years ago
- docker-compose bringing up multiple vulnerable applications inside containers.☆19Jan 29, 2018Updated 8 years ago
- Simple XXE test suite generated specifically for SAML interfaces☆23May 18, 2018Updated 7 years ago
- pysap SAPMS+SAPRFC patches for Gateway / MS research☆11Apr 30, 2019Updated 6 years ago
- Blind XSS SVG☆10Mar 27, 2023Updated 2 years ago
- 🔍LeakScanner - Inspired by Gitleaks☆13Aug 23, 2024Updated last year
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆11Sep 22, 2023Updated 2 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Dec 12, 2018Updated 7 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- Secrets detection based on regular expressions.☆22Apr 15, 2025Updated 10 months ago
- SAP Message Server research presented at OPCDE 2019☆35Aug 18, 2020Updated 5 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- ThinkPHP6任意文件操作漏洞,影响版本ThinkPHP6.0.0-6.0.1☆22Jan 15, 2020Updated 6 years ago
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 5 years ago
- Techniques / Tips and tricks for finding sensitive data exposures in Github for Penetration Testers / Bug Bounty Hunters☆17Aug 1, 2020Updated 5 years ago
- JSNotify is a Python script designed to monitor JavaScript files in a specified directory for changes. This tool can be used by developer…☆18Nov 15, 2023Updated 2 years ago
- ☆74Nov 5, 2018Updated 7 years ago
- parse ffuf & map endpoints to wordlists☆21Feb 25, 2021Updated 5 years ago
- A CLI tool to extract, analyze, and filter JavaScript links from web pages or URLs, with regex matching and structured JSON output.☆19Jan 6, 2025Updated last year
- A place to store my own wordlists, and link to others that are useful☆108Nov 15, 2023Updated 2 years ago
- WaybackURLS + OtxURLS + CommonCrawl = The Best Results☆22Dec 7, 2019Updated 6 years ago
- sub domain wild card filtering tool☆40Apr 18, 2020Updated 5 years ago
- PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)☆82Jan 15, 2021Updated 5 years ago
- crack text files encrypted with vim's :X command☆22Jan 27, 2016Updated 10 years ago
- A mirror of several precompiled standalone red-teaming tools.☆19Feb 2, 2023Updated 3 years ago
- XXE vulnerability demo☆22Jun 1, 2014Updated 11 years ago
- A permutation generation tool written in golang☆209Jul 15, 2019Updated 6 years ago
- My Custom made Nuceli-Templates☆22Aug 5, 2025Updated 7 months ago
- GoWC - Wildcard cleaner for MassDNS☆24Jun 10, 2022Updated 3 years ago
- ☆25Oct 14, 2017Updated 8 years ago
- A simple Shellshock scanner in python☆39Oct 12, 2014Updated 11 years ago
- Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.☆63Feb 26, 2019Updated 7 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆14Jul 22, 2024Updated last year
- A Burp extension to show the Collaborator client in a tab☆24Dec 23, 2022Updated 3 years ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆20Oct 26, 2020Updated 5 years ago
- An enumeration and exploitation toolkit using RFC calls to SAP☆40Jan 8, 2020Updated 6 years ago