joernchen/xxeserve external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

joernchen/xxeserve

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/joernchen/xxeserve)

Close

joernchen / xxeserveView on GitHubMore

• External links
• Readme badge

XXE Out of Band Server.

☆173Aug 9, 2023Updated 2 years ago

Alternatives and similar repositories for xxeserve

Users that are interested in xxeserve are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• strozfriedberg / xxe-recursive-download

  View on GitHub
  ☆231Nov 18, 2015Updated 10 years ago
• joernchen / DeviseDoor

  View on GitHub
  RoR / Devise PoC in memory Backdoor
  ☆29Dec 14, 2014Updated 11 years ago
• BuffaloWill / oxml_xxe

  View on GitHub
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,171Dec 16, 2024Updated last year
• olliencc / appsec-vulnerability-periodic-table

  View on GitHub
  Application Security Vulnerability Periodic Table
  ☆14Aug 25, 2014Updated 11 years ago
• orf / xcat

  View on GitHub
  XPath injection tool
  ☆406Jan 11, 2023Updated 3 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• enjoiz / XXEinjector

  View on GitHub
  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  ☆1,747Dec 1, 2024Updated last year
• rgerganov / xxe-example

  View on GitHub
  XXE vulnerability demo
  ☆22Jun 1, 2014Updated 11 years ago
• staaldraad / xxeserv

  View on GitHub
  A mini webserver with FTP support for XXE payloads
  ☆343Jan 3, 2024Updated 2 years ago
• DavidJFelix / RedTeam

  View on GitHub
  Evil snippets of Underhanded Red Team tactics
  ☆11Jul 5, 2017Updated 8 years ago
• NickstaDB / DeserLab

  View on GitHub
  Java deserialization exploitation lab.
  ☆237Mar 1, 2019Updated 7 years ago
• tomekr / BurpFlashCSRFBuilder

  View on GitHub
  Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients
  ☆14Jul 3, 2013Updated 12 years ago
• ssexxe / XXEBugFind

  View on GitHub
  A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications
  ☆73Sep 4, 2014Updated 11 years ago
• commonexploits / winocphc

  View on GitHub
  Windows Offline Common Password Hash Checker
  ☆29Aug 9, 2016Updated 9 years ago
• EnableSecurity / Identity-Crisis

  View on GitHub
  A Burp Suite extension that checks if a particular URL responds differently to various User-Agent headers
  ☆15Sep 4, 2014Updated 11 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• nccgroup / Decoder-Improved

  View on GitHub
  Improved decoder for Burp Suite
  ☆138Aug 30, 2021Updated 4 years ago
• xgirma / pentools

  View on GitHub
  List of penetration testing tools.
  ☆22Mar 25, 2020Updated 6 years ago
• tacticaljmp / aws-tool-comparison

  View on GitHub
  Overview about existing tools that can be useful for AWS auditing purposes.
  ☆15Sep 25, 2017Updated 8 years ago
• lc / 230-OOB

  View on GitHub
  An Out-of-Band XXE server for retrieving file contents over FTP.
  ☆185May 27, 2020Updated 5 years ago
• floyd-fuh / burp-HttpFuzzer

  View on GitHub
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Jan 31, 2017Updated 9 years ago
• ettic-team / EndpointFinder-Burp

  View on GitHub
  ☆32May 30, 2019Updated 6 years ago
• ONsec-Lab / scripts

  View on GitHub
  Utils
  ☆274Jan 11, 2016Updated 10 years ago
• muttiopenbts / kisskissie

  View on GitHub
  XXE attack tool
  ☆31Feb 20, 2016Updated 10 years ago
• ropnop / xxetimes

  View on GitHub
  An interactive OOB XXE data exfiltration tool
  ☆92May 31, 2017Updated 8 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• mbechler / serjs

  View on GitHub
  A Java serializer in JavaScript
  ☆81May 21, 2018Updated 8 years ago
• JordyZomer / autoSubTakeover

  View on GitHub
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆134Aug 14, 2023Updated 2 years ago
• nccgroup / WindowClicker

  View on GitHub
  Tool for automation of GUI-based testing.
  ☆16Jan 7, 2015Updated 11 years ago
• VirtueSecurity / aws-extender

  View on GitHub
  AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
  ☆256Feb 23, 2022Updated 4 years ago
• TheTwitchy / xxer

  View on GitHub
  A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
  ☆519Jul 29, 2020Updated 5 years ago
• bdamele / unix-privesc-check

  View on GitHub
  Shell script that runs on UNIX systems (tested on Solaris 9, HPUX 11, various Linux distributions, FreeBSD 6.2). It detects misconfigurat…
  ☆87Sep 26, 2016Updated 9 years ago
• bcoles / ssrf_proxy

  View on GitHub
  SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.
  ☆483Jan 1, 2018Updated 8 years ago
• RUB-NDS / WS-Attacker

  View on GitHub
  WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr …
  ☆494Oct 3, 2024Updated last year
• OpenSecurityResearch / flash-xdomain-xploit

  View on GitHub
  ActionScript Proof of Concept to perform cross-domain reads
  ☆16Aug 26, 2013Updated 12 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• codewatchorg / bypasswaf

  View on GitHub
  Add headers to all Burp requests to bypass some WAF products
  ☆328Jan 28, 2018Updated 8 years ago
• vah13 / SAP_vulnerabilities

  View on GitHub
  DoS PoC's for SAP products
  ☆50Jan 23, 2018Updated 8 years ago
• RUB-NDS / BurpSSOExtension

  View on GitHub
  An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
  ☆120Apr 26, 2021Updated 5 years ago
• nccgroup / dotnetpaddingoracle

  View on GitHub
  Python Implementation of a .NET Padding Oracle Assessment Tool
  ☆31Dec 17, 2015Updated 10 years ago
• thomaspatzke / Clickjacking-Exploit

  View on GitHub
  Clickjacking Proof-of-Concept Exploit
  ☆26Oct 1, 2020Updated 5 years ago
• gursev / flash-xdomain-xploit

  View on GitHub
  ActionScript Proof of Concept to perform cross-domain reads
  ☆43Aug 26, 2013Updated 12 years ago
• grutz / squirtle

  View on GitHub
  Squirtle the Browser-based NTLM Attack Toolkit
  ☆17Apr 13, 2015Updated 11 years ago