#

ssti

Here are 49 public repositories matching this topic...

Make-School-Labs / Jinja2-ExploitMe

[BEW 2.3: Web Security] Clone this repo to begin the SSTI exploit activity.

exploit jinja2 python3 web-security ssti

Updated Apr 7, 2021
HTML

Hoo-dkwozD / cookie-jar

A mini-web app that captures cookies of HTTP requests sent to it

flask cookies webapp cybersecurity csrf ssrf ssti

Updated Mar 16, 2022
Python

lamyongxian / cs5331-ssti

CS5331 Server-Side Template Injection Project

twig owasp freemarker web-security appsec ssti

Updated May 3, 2023
Java

l0n3m4n / CVE-2022-29078

Serverside Template Injection (SSTI) RCE - THM challenge "whiterose"

exploit ctf ssti tryhackme web-pentesting

Updated Nov 8, 2024
Python

nezzzumi / java-payload-generator

ssti ssti-payloads

Updated Jan 26, 2024
Python

ssti01 / baim_ssti

SSTI exercises

javascript python go jinja2 pug ssti

Updated Nov 2, 2024
HTML

Tech-at-DU / Jinja2-ExploitMe

🔐 [ACS 3230] SSTI Exploit Activity

web-security ssti

Updated Oct 30, 2023
HTML

gunzf0x / Grav-CMS-RCE-Authenticated

Exploit against Grav CMS (versions below 1.7.45) that allows Remote Code Execution for an authenticated user - CVE-2024-28116

exploit rce grav-cms payload remote-code-execution ssti server-side-template-injection ssti-payloads cve-2024-28116

Updated Sep 7, 2024
Python

JVWAC / JGVWA

Java General Vulnerable Web Application

java security web rce jndi vuln ssrf xxe vulhub ssti

Updated May 31, 2024
Java

0xaniketB / HackTheBox-Bolt

pgp password-cracking ssti hackthebox-writeups

Updated Feb 19, 2022

dokDork / CommandInjectionShield

This script will prepare some tmux session precompiled to test command injection on some web page parameter (on a GET or POST request).

tmux command injection xss sql-injection kali input-validation red-team lfi rfi command-injection ssti

Updated Mar 13, 2024

Subhashis360 / PayloadsAll

logfile fuzzing xss-exploitation payload payloads xss-attacks ssrf sqlinjection xxe-injection openredirect xxe-payloads ssti xsspayload 403-bypass ssti-payloads paylods authbypss directrytravarsal phpinjection

Updated Aug 4, 2024

http406 / ServerSide-Template-Injection

Server-side template injections (SSTI) are vulnerabilities that let the attacker inject code into such server-side templates. In simple terms, the attacker can introduce code that is actually processed by the server-side template. A sample cyber security project.

cybersecurity cyber-security ssti

Updated Mar 13, 2024

mathis2001 / LightSSTICheck

LightSSTICheck is a tool designed to find basic SSTI vulnerabilities

bugbounty pentest ssti

Updated Aug 29, 2022
Python

TheWation / NodeJsSSTI

Express app with Pug templates demonstrating SSTI vulnerability and secure implementation for educational purposes.

nodejs ssti server-side-template-injection

Updated Jan 19, 2024
JavaScript

dr34mhacks / Ginger-juice-shop

An Intentionally Vulnerable SSTI application for a beginner to an experienced.

ssti ssti-payloads

Updated Sep 15, 2024
Python

storenth / lazyParam

A simple automation tool to detect LFI, RCE and SSTI vulnerability. Forked for PR and customization

ssti lfi-detection

Updated Feb 25, 2021
Python

dotPY-hax / ssti-checker

rudimentary checker/scanner for server side template injection

Updated Jul 10, 2022
Python

TrueBad0ur / ssti_java_concat_payload_generator

Simple ssti payload generator for java using concat technique

python payload payload-generator ssti

Updated Oct 26, 2022
Python

testivy / wangding_2022_ctf_findit

2022 网鼎杯玄武 web ctf thymeleaf SSTI bypass and memshell

spring thymeleaf bypass ssti

Updated Sep 16, 2022
Java

Improve this page

Add a description, image, and links to the ssti topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the ssti topic, visit your repo's landing page and select "manage topics."