Alexandre ZANNI
|
d19b843111
|
XXE: OOB via FTP + remote DTD for XSLX files
better than the HTTP method, must robust approach, easier zip repackaging
|
2021-10-17 18:00:00 +02:00 |
|
gregxsunday
|
43a9a5d235
|
improved XXE SVG payloads to be valid XMLs
|
2021-04-24 14:45:45 +02:00 |
|
Swissky
|
f6b9d63bf8
|
DCOM exploitation and MSSQL CLR
|
2021-03-24 22:26:23 +01:00 |
|
Jonathan Leitschuh
|
92667a12a4
|
Add XXE via DTD file
|
2021-01-25 11:50:47 -05:00 |
|
Alexandre ZANNI
|
7733d4495e
|
add another example of XXE in XLSX
|
2020-12-08 09:50:30 +01:00 |
|
ムハンマド
|
eb75a7e304
|
XXE WAF Bypass Added
|
2020-12-04 05:16:37 +03:00 |
|
Vincent Gilles
|
0b90094002
|
Fix(Docs): Correcting typos on the repo
|
2020-10-17 22:52:35 +02:00 |
|
laxa
|
b4d9ee0634
|
Fix typos
|
2020-09-03 13:57:46 +02:00 |
|
bsysop
|
93f321879f
|
Typo in Excel extension name
|
2020-08-11 21:35:36 -03:00 |
|
Alexandre ZANNI
|
7aef550c39
|
XXE ref. refactor
- Add new refs
- Format title with date, author, etc.
- Remove dead hosts:
- agrawalsmart7.com
- esoln.net
|
2020-06-22 15:53:07 +02:00 |
|
Swissky
|
ac0239d332
|
Merge pull request #128 from noraj/patch-1
XXE: add XXE via SVG rasterization
|
2019-12-02 22:38:08 +01:00 |
|
Alexandre ZANNI
|
e3604c01d7
|
XXE: tools description + more tools
|
2019-11-04 01:58:15 +01:00 |
|
Alexandre ZANNI
|
83f46a22e3
|
add XXE via SVG rasterization
|
2019-11-02 00:54:48 +01:00 |
|
Alexandre ZANNI
|
52119907f6
|
add XXEinjector
|
2019-10-29 00:41:04 +01:00 |
|
Swissky
|
5094ef8b10
|
XXE in XLSX
|
2019-10-28 20:46:19 +01:00 |
|
Philippe Arteau
|
f2beb0dbbc
|
Add local DTD section to the XXE Injection page
|
2019-10-01 18:22:42 -04:00 |
|
Techbrunch
|
8822199f65
|
Add XXE payload inside SVG
Source: https://portswigger.net/web-security/xxe/lab-xxe-via-file-upload
|
2019-09-17 16:23:14 +02:00 |
|
Swissky
|
5455c30ec7
|
Juicy Potato + XXE update
|
2019-09-08 19:44:51 +02:00 |
|
Alexandre ZANNI
|
66c9d945b7
|
Update README.md
|
2019-08-06 17:28:47 +02:00 |
|
Swissky
|
9745e67465
|
HQL Injection + references update
|
2019-06-16 23:45:52 +02:00 |
|
Aj Dumanhug
|
fed4bdab90
|
Add XXE inside SVG
|
2019-03-24 03:27:12 +08:00 |
|
Alexandre ZANNI
|
333b9ea85e
|
add XXE OOB with Apache Karaf "hot deploy" (CVE-2018-11788)
|
2019-03-23 15:51:16 +01:00 |
|
Swissky
|
404afd1d71
|
Fix name's capitalization
|
2019-03-07 00:07:55 +01:00 |
|