{"id":13542281,"url":"https://github.com/GoSecure/dtd-finder","last_synced_at":"2025-04-02T09:33:31.823Z","repository":{"id":37359544,"uuid":"197065783","full_name":"GoSecure/dtd-finder","owner":"GoSecure","description":"List DTDs and generate XXE payloads using those local DTDs.","archived":false,"fork":false,"pushed_at":"2024-02-21T00:00:00.000Z","size":2051,"stargazers_count":621,"open_issues_count":1,"forks_count":107,"subscribers_count":13,"default_branch":"master","last_synced_at":"2025-03-28T10:07:30.081Z","etag":null,"topics":["dtd","hacktoberfest","security","xxe"],"latest_commit_sha":null,"homepage":"https://www.gosecure.net/blog/2019/07/16/automating-local-dtd-discovery-for-xxe-exploitation","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/GoSecure.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-15T20:13:54.000Z","updated_at":"2025-03-27T19:20:15.000Z","dependencies_parsed_at":"2024-08-01T10:16:21.279Z","dependency_job_id":"cab51935-28cf-46a6-9f42-5ab618727f96","html_url":"https://github.com/GoSecure/dtd-finder","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GoSecure%2Fdtd-finder","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GoSecure%2Fdtd-finder/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GoSecure%2Fdtd-finder/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/GoSecure%2Fdtd-fi
nder/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/GoSecure","download_url":"https://codeload.github.com/GoSecure/dtd-finder/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246789330,"owners_count":20834277,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dtd","hacktoberfest","security","xxe"],"created_at":"2024-08-01T10:01:03.973Z","updated_at":"2025-04-02T09:33:30.549Z","avatar_url":"https://github.com/GoSecure.png","language":"Kotlin","readme":"# DTD Finder [![Build Status](https://travis-ci.org/GoSecure/dtd-finder.svg?branch=master)](https://travis-ci.org/GoSecure/dtd-finder)\n\nIdentify DTDs on filesystem snapshot and build XXE payloads using those local DTDs.\n\nQuick links:\n\n - [Get the complete files list and XXE Payloads](https://github.com/GoSecure/dtd-finder/tree/master/list)\n - For more information, [read the detailed blog post](https://www.gosecure.net/blog/2019/07/16/automating-local-dtd-discovery-for-xxe-exploitation/)\n\n## Building the tool\n\n```\n$ mvn install\n```\n\n## Usage with docker image\n\n1. Start/Build the docker image\n```\n$ docker run ...\n```\n\n2. Export the filesystem\n```\n$ docker export weblogic12 -o weblogic-12-dev.tar\n```\n\n3. 
Launch dtd-finder\n```\n$ java -jar dtd-finder-1.0-SNAPSHOT-all.jar weblogic-12-dev.tar\n\n...\n [=] Found a DTD: /u01/oracle/wlserver/server/lib/consoleapp/webapp/WEB-INF/struts-config_1_2.dtd\nTesting 9 entities : [%AttributeName, %BeanName, %Boolean, %ClassName, %Integer, %Location, %PropName, %RequestPath, %RequestScope]\n [+] The entity %AttributeName is injectable\n [+] The entity %BeanName is injectable\n [+] The entity %Boolean is injectable\n [+] The entity %ClassName is injectable\n [+] The entity %Integer is injectable\n [+] The entity %Location is injectable\n [+] The entity %PropName is injectable\n [+] The entity %RequestPath is injectable\n [+] The entity %RequestScope is injectable\n...\n\nReport written to weblogic-12-dev.tar-dtd-report.md\n```\n\nThe CLI tool can be launched against tar files and directories.\n\n```\n$ java -jar dtd-finder-1.0-SNAPSHOT-all.jar /specific/path/with/dtds\n...\n```\n\n## Demonstration\n\n![dtd-finder demonstration](demos/dtd-finder-demo-1.gif)\n\n","funding_links":[],"categories":["Tools","Exploitation","Kotlin (19)","Kotlin","Pentesting"],"sub_categories":["Offensive","XXE Injection","Payloads"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FGoSecure%2Fdtd-finder","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FGoSecure%2Fdtd-finder","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FGoSecure%2Fdtd-finder/lists"}