A reusable workflow for running tests for .NET projects.
A critical vulnerability in Apple’s iOS activation backend allows injection of unauthenticated XML .plist payloads during the device setup phase. The flaw permits arbitrary provisioning changes without authentication, signature verification, or error feedback; exposing devices to pre-activation tampering & persistent configuration manipulation.
The Ultimate File Upload Bypass Generator
A curated repository of categorized payloads for testing and exploiting common web vulnerabilities in ethical hacking and penetration testing.
A web crawler and vulnerability scanner tool developed by Rohit Ajariwal
This cheatsheet contains techniques, commands, and tools commonly used during web application penetration tests. It provides quick references to common vulnerabilities, exploitation techniques, and tools used in modern web application attacks.
An alternative solution(as a Magento 2 extension) to fix the XXE vulnerability CVE-2024-34102(aka Cosmic Sting). If you cannot upgrade Magento or cannot apply the official patch, try this one.
A comprehensive Python package for XML External Entity (XXE) security testing and analysis. This package provides tools for security researchers and ethical hackers to identify and analyze XXE vulnerabilities in XML processing systems.
A replacement of `\Magento\Framework\Xml\Security` for Magento 2 with enhanced XML Security.
WAFManis is a Protocol-Level WAF Evasion Fuzzing Tool that automates the discovery of evasion vulnerabilities in Web Application Firewalls (WAFs) by fuzzing HTTP requests to identify potential bypass techniques.
🎯 XML External Entity (XXE) Injection Payload List
Add a description, image, and links to the xxe topic page so that developers can more easily learn about it.
To associate your repository with the xxe topic, visit your repo's landing page and select "manage topics."