xxe download | SourceForge.net

An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, port scanning from the perspective of the machine where the parser is located.
This zipped Ubuntu VM is set up as a Capture the Flag with those that successfully exploit the XXE vulnerability able to place their name on a leaderboard. As with other challenges in the OWASP Vicnum project the overall purpose is to have fun and generate interest in the topic. This challenge was used in an OWASP APPSEC 'Breaking Bad' event.

Project Samples

Project Activity

See All Activity >

Follow xxe

xxe Web Site

Other Useful Business Software

Gen AI apps are built with MongoDB Atlas

Build gen AI apps with an all-in-one modern database: MongoDB Atlas

MongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.

Start Free

Rate This Project

User Reviews

Be the first to post a review of xxe!

Additional Project Details

Registered

2015-03-09

Similar Business Software

Odoo

Odoo is a fully integrated, customizable, open-source software packed with hundreds of expertly designed business applications. Odoo’s intuitive database is able to meet a majority of business needs, such as: CRM, Sales, Project, Manufacturing, Inventory, and Accounting, just to name a few. Odoo...

See Software
Kasm Workspaces

Kasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm uses our high-performance streaming and secure isolation technology to provide web-native Desktop as a Service (DaaS), application streaming, and secure/private web...

See Software
Google Cloud Platform

Google Cloud is a cloud-based service that allows you to create anything from simple websites to complex applications for businesses of all sizes. New customers get $300 in free credits to run, test, and deploy workloads. All customers can use 25+ products for free, up to monthly usage...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Eurekos

Learning management systems are good for training employees but often fail to address the unique needs of training customers & partners as well as customers' customers & partners. Eurekos is a leading European customer education specialist, offering innovative training software solutions for...

See Software
Ninox

Ninox is your solution for organizing and managing complex data in a structured and efficient way. With its highly flexible user interface, you can analyze, process, and evaluate any type of data. Additionally, the Ninox API enables seamless integration with services like Google for enhanced...

See Software