ropnop/xxetimes

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ropnop/xxetimes)

ropnop / xxetimes

An interactive OOB XXE data exfiltration tool

☆92

Alternatives and similar repositories for xxetimes

Users that are interested in xxetimes are comparing it to the libraries listed below

Sorting:

tehryanx / ssslide
View on GitHub
View screenshots as a slideshow over http
☆15Mar 13, 2020Updated 5 years ago
thapr0digy / security-cheatsheets
View on GitHub
Cheat sheets
☆10Jul 4, 2016Updated 9 years ago
eur0pa / goGetBucket
View on GitHub
A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
☆26Dec 12, 2018Updated 7 years ago
eur0pa / tko-subs
View on GitHub
A tool that can help detect and takeover subdomains with dead DNS records
☆12Aug 23, 2018Updated 7 years ago
jstnkndy / scripts
View on GitHub
Scripts that I've written that others may find useful
☆14Aug 17, 2022Updated 3 years ago
muttiopenbts / kisskissie
View on GitHub
XXE attack tool
☆31Feb 20, 2016Updated 10 years ago
zxsecurity / glugger
View on GitHub
The fastest (and least featureful) DNS bruteforcer in the South
☆27Dec 31, 2019Updated 6 years ago
mandatoryprogrammer / lambda-intruder
View on GitHub
An example of high-QPS requesting Burp Intruder style on AWS Lambda via self-invocation.
☆22Nov 15, 2018Updated 7 years ago
gwen001 / actarus
View on GitHub
Actarus is a custom tool for bug bounty
☆77Nov 14, 2019Updated 6 years ago
WJDigby / catscan
View on GitHub
Scan and categorize websites for rapid triage
☆12Jun 23, 2022Updated 3 years ago
cosmoscrew / gomassdns
View on GitHub
A better dns bruteforcer written in golang
☆13Nov 4, 2018Updated 7 years ago
RUB-NDS / SAML-XXE-Test
View on GitHub
Simple XXE test suite generated specifically for SAML interfaces
☆23May 18, 2018Updated 7 years ago
BishopFox / pwn-pulse
View on GitHub
Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
☆135Jan 15, 2020Updated 6 years ago
the-bumble / Burp-Scanner-OOB-Checks
View on GitHub
This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter
☆20Feb 16, 2017Updated 9 years ago
anshumanbh / merge-nmap-masscan
View on GitHub
Merge results from NMAP and Masscan into one CSV file
☆18Jun 19, 2018Updated 7 years ago
swarley7 / gograbber
View on GitHub
A horizontal and vertical web content enumerator
☆52Aug 15, 2018Updated 7 years ago
staaldraad / xxeserv
View on GitHub
A mini webserver with FTP support for XXE payloads
☆341Jan 3, 2024Updated 2 years ago
DanMcInerney / autoresp
View on GitHub
Runs Responder, uploads hashes for cracking, alerts when cracked
☆37Mar 16, 2016Updated 9 years ago
appsecco / bugcrowd-levelup-subdomain-enumeration
View on GitHub
This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
☆628Feb 5, 2019Updated 7 years ago
Cn33liz / JSMeter
View on GitHub
JavaScript Reversed TCP Meterpreter Stager
☆138May 25, 2017Updated 8 years ago
cedowens / Mod_Rewrite_Automation
View on GitHub
Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.
☆47Feb 17, 2021Updated 5 years ago
stealth / plasmapulsar
View on GitHub
PLASMA PULSAR
☆70May 19, 2017Updated 8 years ago
limbenjamin / LogServiceCrash
View on GitHub
POC code to crash Windows Event Logger Service
☆27Oct 16, 2020Updated 5 years ago
lavalamp- / content-discovery-hit-lists
View on GitHub
This repository contains hit lists to use for web application content discovery.
☆11May 31, 2017Updated 8 years ago
cosmoscrew / ssrf-playground
View on GitHub
A playground to practice SSRF Attacks against web apps
☆17Oct 15, 2018Updated 7 years ago
infosec-au / enumXFF
View on GitHub
Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
☆226Mar 29, 2022Updated 3 years ago
byt3bl33d3r / Leek-LLM
View on GitHub
Use a LLM to create the ultimate Leek AI for Leek Wars! 🥬
☆16May 2, 2024Updated last year
BuffaloWill / oxml_xxe
View on GitHub
A tool for embedding XXE/XML exploits into different filetypes
☆1,130Dec 16, 2024Updated last year
rasta-mouse / AsyncNamedPipes
View on GitHub
Send and receive messages over Named Pipes asynchronously.
☆39Sep 17, 2021Updated 4 years ago
cqsd / daily-commonspeak2
View on GitHub
commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …
☆40May 21, 2021Updated 4 years ago
matthewdfuller / intellifuzz-xss
View on GitHub
An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match
☆42Sep 24, 2012Updated 13 years ago
pentester-io / commonspeak
View on GitHub
Content discovery wordlists generated using BigQuery
☆581Apr 26, 2020Updated 5 years ago
samisecure / LsassDumpReflectiveDll
View on GitHub
Dump Lsass Memory Using a Reflective Dll
☆14Feb 4, 2022Updated 4 years ago
lc / reckdns
View on GitHub
A kinda reckless dns resolver. Still under development.
☆16Mar 23, 2020Updated 5 years ago
carnal0wnage / malicious_file_maker
View on GitHub
malicious file maker/sender to create and send malicious attachments to test your email filter/alerting
☆71Oct 19, 2017Updated 8 years ago
Mr-Un1k0d3r / SCT-obfuscator
View on GitHub
Cobalt Strike SCT payload obfuscator
☆143Jul 7, 2017Updated 8 years ago
lorenzog / dns-parallel-prober
View on GitHub
PoC for an adaptive parallelised DNS prober
☆109Oct 4, 2022Updated 3 years ago
righettod / virtualhost-payload-generator
View on GitHub
BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…
☆60Oct 8, 2017Updated 8 years ago
jobertabma / ground-control
View on GitHub
A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
☆549Jun 12, 2017Updated 8 years ago