A simple web app with a XXE vulnerability.
☆232Nov 10, 2021Updated 4 years ago
Alternatives and similar repositories for xxelab
Users that are interested in xxelab are comparing it to the libraries listed below
Sorting:
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆417Mar 16, 2023Updated 2 years ago
- Practice hacking JWT tokens☆115Sep 8, 2022Updated 3 years ago
- ☆250Jun 6, 2018Updated 7 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆762Aug 21, 2023Updated 2 years ago
- ☆24Jan 26, 2021Updated 5 years ago
- Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn rea…☆457Dec 6, 2021Updated 4 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆328Mar 27, 2024Updated last year
- Damn Vulnerable WordPress☆199Dec 23, 2023Updated 2 years ago
- All known and unknown public POC's for wordpress themes and plugins☆79Jun 23, 2021Updated 4 years ago
- A NoSQL Injectable Node App☆42Jun 8, 2021Updated 4 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- Lab that will help you to understand how type juggling vulnerability works.☆22Sep 23, 2020Updated 5 years ago
- small set of scripts to practice exploit XSS and CSRF vulnerabilities☆65Dec 22, 2017Updated 8 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆112Mar 22, 2024Updated last year
- OSWE Preparation☆668Jul 25, 2022Updated 3 years ago
- ☆200Jun 6, 2019Updated 6 years ago
- ☆59Apr 8, 2021Updated 4 years ago
- CTF Writeups☆12Feb 25, 2023Updated 3 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,123Apr 21, 2024Updated last year
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,361Jan 24, 2021Updated 5 years ago
- Burp Suite extension for parsing Swagger web service definition files☆19Jul 15, 2025Updated 7 months ago
- LDAP Injection Vulnerability Application(Blog Sample Code)☆22Oct 4, 2018Updated 7 years ago
- ☆13Jul 27, 2020Updated 5 years ago
- Tool for checking reflecting Parameters in a URL.☆10Aug 31, 2020Updated 5 years ago
- This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with t…☆931Jan 6, 2025Updated last year
- Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis☆36Jul 10, 2018Updated 7 years ago
- My Offensive Security OSWA certification experience and my personal opinion what helps in preparation for the exam☆43Jul 13, 2023Updated 2 years ago
- A mini webserver with FTP support for XXE payloads☆341Jan 3, 2024Updated 2 years ago
- A repo for tools, utils, and wrappers that are to small to put in their own repo.☆23Mar 18, 2023Updated 2 years ago
- A tools for JavaScript Recon☆24Jul 25, 2020Updated 5 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- These are installation notes based on Mayfly's installation notes. They are more streamlined for Vagrant as I did not take the Docker rou…☆28Jun 19, 2024Updated last year
- ☆14Oct 1, 2021Updated 4 years ago
- Labs built in docker to cover NSE lessons☆11Nov 24, 2023Updated 2 years ago
- String or worldlist encoder for use in fuzzing or web application testing☆19Sep 2, 2019Updated 6 years ago
- A simple PHP application to learn SQL Injection detection and exploitation techniques.☆127Oct 18, 2022Updated 3 years ago
- Damn Vulnerable Thick Client App developed in C# .NET☆176Aug 17, 2023Updated 2 years ago
- small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns☆337Apr 8, 2024Updated last year