Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Locked xcat v1.0.4 - exploit and investigate blind XPath injection vulnerabilities


itsMe

Recommended Posts

This is the hidden content, please

XCat

XCat is a command-line tool to exploit and investigate blind XPath injection vulnerabilities.

It supports a large number of features:

    Auto-selects injections (run xcat injections for a list)
    Detects the version and capabilities of the xpath parser and selects the fastest method of retrieval
    Built-in out-of-bound HTTP server
        Automates XXE attacks
        Can use OOB HTTP requests to drastically speed up retrieval
    Custom request headers and body
    Built-in REPL shell, supporting:
        Reading arbitrary files
        Reading environment variables
        Listing directories
        Uploading/downloading files (soon TM)


This is the hidden content, please

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.