Cloud Metadata URL List
I landed the SSRF Cloud Metadata technique in a few different scenarios
recently. If you haven’t seen the talk BHUSA 2014 - Bringing a
cheatsheet
XML Entity Cheatsheet - Updated
An XML Entity testing cheatsheet. This is an updated version with nokogiri tests
removed, just (X)XE notes.
XML Declaration(s):
1
2
Simple Ruby Exec with Open and Pipe
I was researching something else and thought this was a cool way to execute a
command through the open method in ruby:
1
open("|[CMD]
XML Entity Cheatsheet
An XML Entity testing cheatsheet. Testing was done using an older vulnerable
version of nokogiri. In IRB you can require previous versions of gems. Certain