Tool for automatic exploitation of XXE vulnerabilities using direct and various out-of-band methods.
A tool for embedding XXE/XML exploits into different filetypes
An XXE vulnerability demo with versions in various languages, including PHP, Java, Python, and C#
A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
A mini webserver with FTP support for XXE payloads
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
XXE Out of Band Server.
Spring Boot Actuator (jolokia) XXE/RCE
List DTDs and generate XXE payloads using those local DTDs.
This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF ru...
Spring Boot Actuator unauthorized access [XXE, RCE] single/multi-target detection