Bug Hunter Handbook

XML Entity Injection (XXE)


Last updated 3 years ago


Articles / Blogs:

http://www.christian-schneider.net/GenericXxeDetection.html
https://medium.com/@asif.baig330/lithium-community-platform-xxe-vulnerability-6454dd9377f8
https://gist.github.com/mgeeky/4f726d3b374f0a34267d4f19c9004870
https://blog.zsec.uk/out-of-band-xxe-2/
https://www.slideshare.net/ssuserf09cba/xxe-how-to-become-a-jedi
https://blog.netspi.com/playing-content-type-xxe-json-endpoints/
https://hawkinsecurity.com/2018/03/24/gaining-filesystem-access-via-blind-oob-xxe/
https://versprite.com/blog/xml-external-entity-xxe-processing/utm_content=73970973&utm_medium=social&utm_source=twitter
http://agrawalsmart7.com/2018/11/10/Understanding-XXE-from-Basic-to-Blind.html
https://medium.com/@jonathanbouman/xxe-at-bol-com-7d331186de54
https://www.gosecure.net/blog/2019/07/16/automating-local-dtd-discovery-for-xxe-exploitation
https://securityidiots.com/Web-Pentest/XXE/XXE-Cheat-Sheet-by-SecurityIdiots.html
https://www.exploit-db.com/docs/english/45374-xml-external-entity-injection---explanation-and-exploitation.pdf
https://2017.zeronights.org/wpcontent/uploads/materials/ZN17_yarbabin_XXE_Jedi_Babin.pdf
https://0xgaurang.medium.com/out-of-band-xxe-in-an-e-commerce-ios-app-e22981f7b59b
https://blog.cobalt.io/how-to-execute-an-xml-external-entity-injection-xxe-5d5c262d5b16
https://f4d3.io/xxe_wild/
https://www.blackhat.com/html/webcast/11192015-exploiting-xml-entity-vulnerabilities-in-file-parsing-functionality.html
https://www.youtube.com/watch?v=LZUlw8hHp44
https://faun.pub/xxe-attacks-750e91448e8f
https://estebancano.medium.com/unique-xxe-to-aws-keys-journey-afe678989b2b
https://smoggy-mozzarella-076.notion.site/XXE-9d5d3f12a5c4487e82fddf564d792fcd
https://pwn.vg/articles/2021-06/local-file-read-via-error-based-xxe

Tools / Payloads:

https://github.com/BuffaloWill/oxml_xxe
https://github.com/GoSecure/dtd-finder/blob/698fd678f26395e1c7c097525f7182aecad0cd5f/list/xxe_payloads.md

Twitter:

https://twitter.com/huntmost/status/1216033868773580800
https://twitter.com/soaj1664ashar/status/1080877419723194370
https://twitter.com/honoki/status/1301092916551659522
https://twitter.com/Bugcrowd/status/1342184648856616972?s=20
https://twitter.com/harshbothra_/status/1350891025032646656?s=20