Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 

xxxpwn : XPath eXfiltration eXploitation Tool : https://github.com/feakk/xxxpwn Designed for blind optimized XPath 1 injection attacks

xxxpwn uses a variety of XPath optimizations to query custom information from a backend XML dodcument served from a location where XPath injection is present. By default it will attempt to retrieve the entire remote database, though this can be customized using a variety of options.

A number of previous discovered vulnerabilities have been provided as injection files and target scripts for ease in getting started. This includes a sample payload provided for the vulnerable application provided as part of xcat.py: https://github.com/orf/xcat

About

Advanced XPath Injection Tool

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published