Check your WAF before an attacker does
Updated Jun 28, 2024 - Python
🎯 Server Side Template Injection Payloads
Automatic SSTI detection tool with interactive interface
CTF Cheat Sheet + Writeups / Files for some of the Cyber CTFs that I've done
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
Small Vulnerable Web App
XSS Finder Via SSTI
Websites Vulnerability Scanner
A script written in Python 3 to spread blind cross-site scripting payloads on HTTP request headers
An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.
iTop < 2.7.6 - (Authenticated) Remote command execution
[BEW 2.3: Web Security] Clone this repo to begin the SSTI exploit activity.
App with Server Side Template Injection (SSTI) vulnerability - possible RCE - in Flask. Free vulnerable app for ethical hacking / penetration testing training.