8000 xxe · GitHub Topics · GitHub

More Web Proxy on the site http://driver.im/

#

xxe

Here are 11 public repositories matching this topic...

HLOverflow / XXE-study

This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a playground to teach or test with Vulnerability scanners / WAF rules / Secure Configuration settings.

xxe xxe-injection php-xxe-demo python-xxe-demo java-xxe-demo xxe-example xml-entity xml-entity-expansion xxe-labs xxe-study external-entities

Updated Mar 22, 2024
PHP

OlivierLaflamme / Auditing-Vulnerabilities

In this repository I'll host my research and methodologies for auditing vulnerabilities

http waf csrf crlf ssrf xxe smuggling auditing-vulnerabilities

Updated Jan 7, 2020
PHP

kmille / pentest-wiki

pwnig all the (web)things

php web reverse-shell xss code-review sql-injection ld-preload xxe file-inclusion template-injection file-uplaod

Updated Nov 21, 2020
PHP

TheWation / XXESandbox

The PHP sandbox environment is a Docker-based tool for testing XML processing code, with XXE vulnerabilities demonstrated and security considerations explained.

xxe xxe-injection xxe-example

Updated Jun 7, 2023
PHP

SigSegV2.webserver_11

noraj / SigSegV2.webserver_11

A web challenge that was available during SigSegV2 CTF (2019)

svg challenge php web ctf bypass ssrf xxe rtfm sigsegv2

Updated Jan 5, 2021
PHP

magento2-cosmic-sting-patch

wubinworks / magento2-cosmic-sting-patch

An alternative solution(as a Magento 2 extension) to fix the XXE vulnerability CVE-2024-34102(aka Cosmic Sting). If you cannot upgrade Magento or cannot apply the official patch, try this one.

extension xml bug magento2 patch hotfix xxe xml-security security-hole xml-entity cosmicsting cve-2024-34102 cosmic-sting

Updated Feb 6, 2025
PHP

v1dhun / Owasp-Top-10

OWASP top-10 vulnerabilities using PHP

xss owasp-top-10 xxe

Updated Oct 25, 2024
PHP

SigSegV2.webserver_3

noraj / SigSegV2.webserver_3

A web challenge that was available during SigSegV2 CTF (2019)

svg challenge php web ctf xxe rtfm file-read sigsegv2

Updated Jan 5, 2021
PHP

KIRAN-KUMAR-K3 / vulnerability-payload-lists

A curated repository of categorized payloads for testing and exploiting common web vulnerabilities in ethical hacking and penetration testing.

sql xss bugbounty payloads xxe command-injection xss-payloads sqli-payloads vulnerability-testing payload-lists

Updated May 14, 2025
PHP

exploit-CVE-2023-38490

Acceis / exploit-CVE-2023-38490

Kirby < 3.9.6 XML External Entity exploit

kirby exploit kirby-cms cve xxe cve-2023-38490

Updated Jul 28, 2023
PHP

wubinworks / magento2-enhanced-xml-security

A replacement of `\Magento\Framework\Xml\Security` for Magento 2 with enhanced XML Security.

security encoding xml php-fpm magento2 enhancement xxe xml-security xml-entity cve-2024-34102 cosmic-sting xml-encoding

Updated Jan 15, 2025
PHP

Improve this page

Add a description, image, and links to the xxe topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the xxe topic, visit your repo's landing page and select "manage topics."

0