This virtual environment is a simple php web application that contains an example of an XML eXternal Entity vulnerability.
You can now run XXELab in a Docker container. Build the image:
git clone https://github.com/iansecretario/xxelab.git
cd xxelab
docker build -t xxelab .
On your kali/ubuntu machine run the docker.sh to install docker
Run:
$ docker run -it --rm -p 127.0.0.1:5000:80 xxelab
Open http://localhost:5000 and have fun.
This lab works best when you make use of a proxy that will allow you to see the requests and responses. There are many you can use, but here are a few recommended ones:
#Originally from jbarone with modifications for use