Alternatives and similar repositories for xxeserve

Users that are interested in xxeserve are comparing it to the libraries listed below

• strozfriedberg / xxe-recursive-download

  View on GitHub
  ☆232Nov 18, 2015Updated 10 years ago
• joernchen / DeviseDoor

  View on GitHub
  RoR / Devise PoC in memory Backdoor
  ☆29Dec 14, 2014Updated 11 years ago
• DavidJFelix / RedTeam

  View on GitHub
  Evil snippets of Underhanded Red Team tactics
  ☆11Jul 5, 2017Updated 8 years ago
• BuffaloWill / oxml_xxe

  View on GitHub
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,129Dec 16, 2024Updated last year
• tacticaljmp / aws-tool-comparison

  View on GitHub
  Overview about existing tools that can be useful for AWS auditing purposes.
  ☆15Sep 25, 2017Updated 8 years ago
• nccgroup / Decoder-Improved

  View on GitHub
  Improved decoder for Burp Suite
  ☆138Aug 30, 2021Updated 4 years ago
• EnableSecurity / Identity-Crisis

  View on GitHub
  A Burp Suite extension that checks if a particular URL responds differently to various User-Agent headers
  ☆15Sep 4, 2014Updated 11 years ago
• olliencc / appsec-vulnerability-periodic-table

  View on GitHub
  Application Security Vulnerability Periodic Table
  ☆14Aug 25, 2014Updated 11 years ago
• enjoiz / XXEinjector

  View on GitHub
  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
  ☆1,704Dec 1, 2024Updated last year
• commonexploits / winocphc

  View on GitHub
  Windows Offline Common Password Hash Checker
  ☆29Aug 9, 2016Updated 9 years ago
• floyd-fuh / burp-HttpFuzzer

  View on GitHub
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Jan 31, 2017Updated 9 years ago
• lc / 230-OOB

  View on GitHub
  An Out-of-Band XXE server for retrieving file contents over FTP.
  ☆184May 27, 2020Updated 5 years ago
• orf / xcat

  View on GitHub
  XPath injection tool
  ☆403Jan 11, 2023Updated 3 years ago
• tomekr / BurpFlashCSRFBuilder

  View on GitHub
  Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients
  ☆14Jul 3, 2013Updated 12 years ago
• akampjes / p0rk-crackling

  View on GitHub
  Distributed password cracker for operating over high latency networks of loosely coupled hosts.
  ☆13Jul 30, 2013Updated 12 years ago
• ssexxe / XXEBugFind

  View on GitHub
  A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications
  ☆72Sep 4, 2014Updated 11 years ago
• farisv / PrestaShop-CVE-2018-19126

  View on GitHub
  PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
  ☆40Dec 12, 2018Updated 7 years ago
• allfro / dotNetBeautifier

  View on GitHub
  A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…
  ☆12Jun 29, 2015Updated 10 years ago
• staaldraad / xxeserv

  View on GitHub
  A mini webserver with FTP support for XXE payloads
  ☆342Jan 3, 2024Updated 2 years ago
• bcoles / ssrf_proxy

  View on GitHub
  SSRF Proxy facilitates tunneling HTTP communications through servers vulnerable to Server-Side Request Forgery.
  ☆479Jan 1, 2018Updated 8 years ago
• alekseykorzun / php-audit

  View on GitHub
  phpAudit is a simple shell script that scans PHP files for possible security risks.
  ☆26Apr 7, 2013Updated 12 years ago
• silentsignal / wpc

  View on GitHub
  Windows Privesc Check
  ☆20May 20, 2014Updated 11 years ago
• nccgroup / WindowClicker

  View on GitHub
  Tool for automation of GUI-based testing.
  ☆16Jan 7, 2015Updated 11 years ago
• RUB-NDS / BurpSSOExtension

  View on GitHub
  An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
  ☆120Apr 26, 2021Updated 4 years ago
• NickstaDB / DeserLab

  View on GitHub
  Java deserialization exploitation lab.
  ☆237Mar 1, 2019Updated 6 years ago
• VirtueSecurity / aws-extender

  View on GitHub
  AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
  ☆256Feb 23, 2022Updated 3 years ago
• rgerganov / xxe-example

  View on GitHub
  XXE vulnerability demo
  ☆22Jun 1, 2014Updated 11 years ago
• nbshelton / bitdump

  View on GitHub
  A tool to extract database data from a blind SQL injection vulnerability.
  ☆32Jan 4, 2016Updated 10 years ago
• PortSwigger / backslash-powered-scanner

  View on GitHub
  Finds unknown classes of injection vulnerabilities
  ☆708Apr 30, 2025Updated 9 months ago
• njfox / Java-Deserialization-Exploit

  View on GitHub
  ☆128Oct 19, 2016Updated 9 years ago
• ropnop / xxetimes

  View on GitHub
  An interactive OOB XXE data exfiltration tool
  ☆91May 31, 2017Updated 8 years ago
• TheTwitchy / xxer

  View on GitHub
  A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
  ☆518Jul 29, 2020Updated 5 years ago
• JordyZomer / autoSubTakeover

  View on GitHub
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆135Aug 14, 2023Updated 2 years ago
• ettic-team / EndpointFinder-Burp

  View on GitHub
  ☆32May 30, 2019Updated 6 years ago
• nccgroup / AMFDSer-ngng

  View on GitHub
  A Burp Extender plugin, that will take deserialized AMF objects and encode them in XML using the Xtream library
  ☆27Apr 14, 2015Updated 10 years ago
• SZFsir / laravel_POP_RCE

  View on GitHub
  laravel 5.8 rce pop chain
  ☆26Oct 27, 2019Updated 6 years ago
• RUB-NDS / WS-Attacker

  View on GitHub
  WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr …
  ☆491Oct 3, 2024Updated last year
• NetSPI / Wsdler

  View on GitHub
  WSDL Parser extension for Burp
  ☆266Jun 25, 2018Updated 7 years ago
• OpenSecurityResearch / flash-xdomain-xploit

  View on GitHub
  ActionScript Proof of Concept to perform cross-domain reads
  ☆16Aug 26, 2013Updated 12 years ago