xxe download | SourceForge.net

An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located.
This zipped Ubuntu VM is set up as a Capture the Flag with those that successfully exploit the XXE vulnerability able to place their name on a leaderboard. As with other challenges in the OWASP Vicnum project the overall purpose is to have fun and generate interest in the topic. This challenge was used in an OWASP APPSEC 'Breaking Bad' event.

Project Samples

Project Activity

See All Activity >

Follow xxe

xxe Web Site

Other Useful Business Software

Find Hidden Risks in Windows Task Scheduler

Free diagnostic script reveals configuration issues, error patterns, and security risks. Instant HTML report.

Windows Task Scheduler might be hiding critical failures. Download the free JAMS diagnostic tool to uncover problems before they impact production—get a color-coded risk report with clear remediation steps in minutes.

Download Free Tool

Rate This Project

User Reviews

Be the first to post a review of xxe!

Additional Project Details

Registered

2015-03-09

Similar Business Software

Odoo

Odoo is a fully integrated, customizable, open-source software packed with hundreds of expertly designed business applications. Odoo’s intuitive database is able to meet a majority of business needs, such as: CRM, Sales, Project, Manufacturing, Inventory, and Accounting, just to name a few. Odoo...

See Software
Kasm Workspaces

Kasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm uses our high-performance streaming and secure isolation technology to provide web-native Desktop as a Service (DaaS), application streaming, and secure/private web...

See Software
Google Cloud Platform

Google Cloud is a cloud-based service that allows you to create anything from simple websites to complex applications for businesses of all sizes. New customers get $300 in free credits to run, test, and deploy workloads. All customers can use 25+ products for free, up to monthly usage...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Eurekos

Learning management systems are good for training employees but often fail to address the unique needs of training customers & partners as well as customers' customers & partners. Eurekos is a leading European customer education specialist, offering innovative training software solutions for...

See Software
Apify

Apify is a full-stack web scraping and automation platform helping anyone get value from the web. At its core is Apify Store, a marketplace with over 10,000 Actors where developers build, publish, and monetize automation tools. Actors are serverless cloud programs that extract data, automate...

See Software