A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
-
Updated
Jul 29, 2020 - Python
A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
XXE vulnerability creator
Exploit Code, notes, and resources to accompany PortSwiggers' WebAcademy Labs.
A collection of security tools for pentersion testing
Exploit WordPress Media Library XML External Entity Injection (XXE) to exfiltrate files.
Add a description, image, and links to the xxe-injection topic page so that developers can more easily learn about it.
To associate your repository with the xxe-injection topic, visit your repo's landing page and select "manage topics."