#xxe

Astra
Astra

Automated Security Testing For REST API's.

XXElixir
XXElixir

This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.

xxeserv
xxeserv

A mini webserver with FTP support for XXE payloads.

metahttp
metahttp

Script that automates the scanning of a target network for HTTP resources through XXE.

oxml_xxe
oxml_xxe

Embeds XXE/XML exploits into different filetypes.

XXEinjector
XXEinjector

Exploitation of XXE vulnerability using direct and different out of band methods.

XXExploiter
XXExploiter

Tool to help exploit XXE vulnerabilities.

XXE-FTP
XXE-FTP

A mini webserver with FTP support for XXE payloads.

docem
docem

Utility to embed XXE and XSS payloads in docx, odt, pptx...

DTD Finder
DTD Finder

List DTDs and generate XXE payloads using those local DTDs.

Ground control
Ground control

A collection of scripts mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.

B-XSSRF
B-XSSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF.