XXE/XML Attack

Malicious DTD Following snippet can be used to get Local File Inclusion or Remote Command Execution on vulnerable XML.

Web Enum

Scan site for for general vulnerabilities and applications

Check supported HTTP Methods 

Check HTTP Vulns with NMAP