A vast collection of security tools for bug bounty, pentest and red teaming

#xxe

xxeserv on offsec.tools
xxeserv

A mini webserver with FTP support for XXE payloads.

#ftp   #http   #payloads   #server   #xxe  

metahttp on offsec.tools
metahttp

Script that automates the scanning of a target network for HTTP resources through XXE.

oxml_xxe on offsec.tools
oxml_xxe

Embeds XXE/XML exploits into different filetypes.

XXEinjector on offsec.tools
XXEinjector

Exploitation of XXE vulnerability using direct and different out of band methods.

#exploits   #oob   #xxe  

XXExploiter on offsec.tools
XXExploiter

Tool to help exploit XXE vulnerabilities.

XXE-FTP on offsec.tools
XXE-FTP

A mini webserver with FTP support for XXE payloads.

#ftp   #payloads   #xxe  

docem on offsec.tools
docem

Utility to embed XXE and XSS payloads in docx, odt, pptx...

#payloads   #xss   #xxe  

DTD Finder on offsec.tools
DTD Finder

List DTDs and generate XXE payloads using those local DTDs.

Ground control on offsec.tools
Ground control

A collection of scripts mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.

B-XSSRF on offsec.tools
B-XSSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF.