A reusable workflow for running tests for .NET projects.
XXE Testing Page
Complete writeup and exploitation report for CloudSEK Hiring CTF — covering XXE, JWT tampering, multi-factor bypass, OSINT using BeVigil, and Python automation.
xxe smb/ftp server 适用于xxe的smb/ftp服务 docker一键启动 安全快捷
The Ultimate File Upload Bypass Generator
This cheatsheet contains techniques, commands, and tools commonly used during web application penetration tests. It provides quick references to common vulnerabilities, exploitation techniques, and tools used in modern web application attacks.
A critical vulnerability in Apple’s iOS activation backend allows injection of unauthenticated XML .plist payloads during the device setup phase. The flaw permits arbitrary provisioning changes without authentication, signature verification, or error feedback; exposing devices to pre-activation tampering & persistent configuration manipulation.
A curated repository of categorized payloads for testing and exploiting common web vulnerabilities in ethical hacking and penetration testing.
A web crawler and vulnerability scanner tool developed by Rohit Ajariwal
An alternative solution(as a Magento 2 extension) to fix the XXE vulnerability CVE-2024-34102(aka Cosmic Sting). If you cannot upgrade Magento or cannot apply the official patch, try this one.
A comprehensive Python package for XML External Entity (XXE) security testing and analysis. This package provides tools for security researchers and ethical hackers to identify and analyze XXE vulnerabilities in XML processing systems.
A replacement of `\Magento\Framework\Xml\Security` for Magento 2 with enhanced XML Security.
Add a description, image, and links to the xxe topic page so that developers can more easily learn about it.
To associate your repository with the xxe topic, visit your repo's landing page and select "manage topics."