xxe-injection-payload-list
XML payload list
Lists examples and types of XML external entity injection payloads and attacks
🎯 XML External Entity (XXE) Injection Payload List
1k stars
23 watching
300 forks
last commit: 4 months ago
Linked from 1 awesome list
Tags: bug-bounty, bugbounty, cyber-security, cybersecurity, hacking, information-security, infosec, payload, payloads, web-application-security, websecurity, websecurity-reference, xml, xml-entity, xxe, xxe-example, xxe-injection, xxe-payload, xxe-payload-list, xxe-payloads
Related projects:
Repository | Description | Stars |
---|---|---|
payloadbox/rfi-lfi-payload-list | Provides examples and explanations of vulnerabilities in web applications | 538 |
payloadbox/open-redirect-payload-list | A list of examples and explanations for protecting against open redirect vulnerabilities in web applications. | 533 |
whitel1st/docem | A tool to embed malicious payloads in various document formats | 526 |
luisfontes19/xxexploiter | An application used to exploit XXE vulnerabilities by generating XML payloads and serving them to test web applications. | 542 |
jbarone/xxelab | A proof-of-concept web application demonstrating an XML External Entity vulnerability | 225 |
mik0w/pallms | A collection of payloads designed to exploit vulnerabilities in large language models. | 64 |
vp777/metahttp | Automates scanning of HTTP resources in a target network using XML External Entity (XXE) attacks | 37 |
swisskyrepo/payloadsallthethings | A comprehensive collection of tools and techniques for web application security testing and exploitation | 61,337 |
pallets/markupsafe | Protects against injection attacks by safely escaping untrusted strings in HTML and XML markup | 636 |
xx0hcd/alt-beacon-payload | Creates a custom C# beacon payload with AV bypass and shellcode injection capabilities | 20 |
enjoiz/xxeinjector | Automates exploitation of XXE vulnerability using various methods to retrieve files and data from vulnerable applications. | 1,542 |
xyele/hackerone_wordlist | A curated list of common words and phrases used in hacking attempts to aid in security testing and assessment | 0 |
deepcake/chickens | An example of using an entity-component system framework with game engines and physics libraries to create interactive content | 1 |
buffalowill/oxml_xxe | A tool for exploiting XXE vulnerabilities in various file formats | 1,038 |
twentygototen/insertoptionsloophole | Prevents users from bypassing predefined insert options by validating and enforcing insertion rules | 1 |