HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

xcat v1.0.4 - exploit and investigate blind XPath injection vulnerabilities

Status
Not open for further replies.
itsMe

itsMe

*KillmeMories*
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Jan 8, 2019
Messages
56,604
Solutions
2
Reputation
32
Reaction score
100,446
Points
2,313
Credits
32,560
‎6 Years of Service‎
 
76%
xcat.png


XCat

XCat is a command-line tool to exploit and investigate blind XPath injection vulnerabilities.

It supports a large number of features:

    Auto-selects injections (run xcat injections for a list)
    Detects the version and capabilities of the xpath parser and selects the fastest method of retrieval
    Built-in out-of-bound HTTP server
        Automates XXE attacks
        Can use OOB HTTP requests to drastically speed up retrieval
    Custom request headers and body
    Built-in REPL shell, supporting:
        Reading arbitrary files
        Reading environment variables
        Listing directories
        Uploading/downloading files (soon TM)

To see this hidden content, you must like this content.
 
Status
Not open for further replies.
Back
Top