jbarone / xxelab
A simple web app with a XXE vulnerability.
☆226Updated 3 years ago
Alternatives and similar repositories for xxelab:
Users that are interested in xxelab are comparing it to the libraries listed below
- Stuff done in preparation for AWAE course and OSWE certification☆151Updated 4 years ago
- Burp Extension for easily creating Wordlists☆211Updated 3 years ago
- SSRF testing tool☆245Updated 2 years ago
- Turbo Intruder Scripts☆222Updated 4 years ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆388Updated last year
- A script that you can run in the background!☆175Updated 5 years ago
- This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.☆236Updated 5 years ago
- Various Payload wordlists☆235Updated 4 years ago
- ☆137Updated 7 years ago
- ☆129Updated 4 years ago
- A python based blind SQL injection exploitation script☆136Updated 5 years ago
- OSWE Preparation☆607Updated 2 years ago
- Payloads for CRLF Injection☆224Updated 5 months ago
- ☆360Updated 3 years ago
- A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…☆253Updated last year
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆622Updated 3 months ago
- Python library and CLI for the Bug Bounty Recon API☆223Updated 3 years ago
- A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate☆207Updated 8 months ago
- You can read the writeup on this script here☆193Updated 3 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆701Updated last year
- List DTDs and generate XXE payloads using those local DTDs.☆619Updated last year
- HTTP file upload scanner for Burp Proxy☆400Updated last year
- GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…☆205Updated last year
- ☆102Updated 2 years ago
- A script that can resolve an input file of domains and scan them with masscan☆157Updated 4 years ago
- NodeJS Red-Team Cheat Sheet☆206Updated 5 years ago
- A collection of templates for bug bounty reporting☆393Updated 3 years ago
- Unofficial documentation for the great tool Param Miner☆178Updated 2 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆265Updated 2 years ago
- Whitebox source code review cheatsheet (Based on AWAE syllabus)☆129Updated 3 years ago