A simple web app with a XXE vulnerability.
☆230Nov 10, 2021Updated 4 years ago
Alternatives and similar repositories for xxelab
Users that are interested in xxelab are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆419Mar 16, 2023Updated 3 years ago
- Practice hacking JWT tokens☆115Sep 8, 2022Updated 3 years ago
- A NoSQL Injectable Node App☆42Jun 8, 2021Updated 4 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆775Aug 21, 2023Updated 2 years ago
- ☆250Jun 6, 2018Updated 7 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆113Mar 22, 2024Updated 2 years ago
- Burp Suite extension for parsing Swagger web service definition files☆19Jul 15, 2025Updated 9 months ago
- Simple HS256, HS384 & HS512 JWT token brute force cracker.☆1,171Jul 13, 2024Updated last year
- Damn Vulnerable WordPress☆201Dec 23, 2023Updated 2 years ago
- Bash script that creates directories and files to organize a pentesting☆12May 26, 2021Updated 4 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆330Mar 27, 2024Updated 2 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,152Apr 21, 2024Updated 2 years ago
- Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn rea…☆458Dec 6, 2021Updated 4 years ago
- Lab that will help you to understand how type juggling vulnerability works.☆22Sep 23, 2020Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- small set of scripts to practice exploit XSS and CSRF vulnerabilities☆65Dec 22, 2017Updated 8 years ago
- String or worldlist encoder for use in fuzzing or web application testing☆19Sep 2, 2019Updated 6 years ago
- Labs built in docker to cover NSE lessons☆11Nov 24, 2023Updated 2 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- ☆200Jun 6, 2019Updated 6 years ago
- LDAP Injection Vulnerability Application(Blog Sample Code)☆22Oct 4, 2018Updated 7 years ago
- Generate users list using certain format☆23Jan 23, 2019Updated 7 years ago
- All known and unknown public POC's for wordpress themes and plugins☆79Jun 23, 2021Updated 4 years ago
- A simple SSRF-testing sheriff written in Go☆337Oct 31, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- A mini webserver with FTP support for XXE payloads☆341Jan 3, 2024Updated 2 years ago
- OSWE Preparation☆673Jul 25, 2022Updated 3 years ago
- Local File Inclusion Scanner and Exploiter☆15Dec 28, 2021Updated 4 years ago
- Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis☆36Jul 10, 2018Updated 7 years ago
- GraphQL security workshop labs☆118Jan 31, 2026Updated 3 months ago
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆47Feb 16, 2024Updated 2 years ago
- Check List☆80Jul 16, 2022Updated 3 years ago
- CTF Writeups☆12Feb 25, 2023Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.☆1,289Apr 20, 2026Updated 2 weeks ago
- Damn Vulnerable Thick Client App developed in C# .NET☆180Aug 17, 2023Updated 2 years ago
- These are installation notes based on Mayfly's installation notes. They are more streamlined for Vagrant as I did not take the Docker rou…☆28Jun 19, 2024Updated last year
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,369Jan 24, 2021Updated 5 years ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,743Dec 1, 2024Updated last year
- My Offensive Security OSWA certification experience and my personal opinion what helps in preparation for the exam☆44Jul 13, 2023Updated 2 years ago
- Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.☆40Nov 21, 2025Updated 5 months ago