Server-side hacking techniques

Automating XXE hunt with AI

Personally, I don’t test for XXEs as often as I should. One of the reasons is that, especially for a docx-based XXE, it’s quite a lot of work to put the payload, repackage the archive etc. STÖK is someone that loves XXE and he wrote a series of tweets describing how...