Lynx Security is a security project devoted to performing white-box and black-box audits in order to accomplish 4 important goals: identify, isolate, assess, and mitigate vulnerabilities.
TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
230-OOB is a python script that emulates an FTP server that assists you in achieving file read via Out-of-Band XXE.
xxe.sh is a tool that generates an XXE payload and a DTD to achieve file read via XXE. It is meant to be used with 230-OOB