DiogoMRSilva / websitesVulnerableToSSTILinks
Simple websites vulnerable to Server Side Template Injections(SSTI)
☆400Updated 2 years ago
Alternatives and similar repositories for websitesVulnerableToSSTI
Users that are interested in websitesVulnerableToSSTI are comparing it to the libraries listed below
Sorting:
- List DTDs and generate XXE payloads using those local DTDs.☆637Updated last year
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆636Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆887Updated 3 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆734Updated 2 years ago
- HTTP file upload scanner for Burp Proxy☆411Updated 2 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆373Updated last year
- Because just a dark theme wasn't enough!☆574Updated 8 months ago
- A cheatsheet for exploiting server-side SVG processors.☆757Updated 5 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆434Updated this week
- ☆407Updated 3 years ago
- 🎯 Server Side Template Injection Payloads☆685Updated last year
- Client Side Prototype Pollution Scanner☆520Updated 2 years ago
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appli…☆259Updated 8 months ago
- HTTP file upload scanner for Burp Proxy☆490Updated last year
- simple script to extract all web resources by means of .SVN folder exposed over network.☆474Updated last year
- ☆685Updated 3 years ago
- A simple web app with a XXE vulnerability.☆228Updated 3 years ago
- DNS rebinding toolkit☆253Updated 2 years ago
- List of XSS Vectors/Payloads☆1,303Updated 7 months ago
- HackerOne "in scope" domains☆471Updated this week
- Tool to help exploit XXE vulnerabilities☆565Updated 2 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆349Updated 2 years ago
- Open Redirect Payloads☆632Updated 10 months ago
- Burp Suite Logger++: Log activities of all the tools in Burp Suite☆179Updated last year
- Content-Type Research☆629Updated last month
- A wordlist of API names for web application assessments☆840Updated 2 months ago
- A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.☆723Updated last year
- Apache Solr Injection Research☆578Updated 5 years ago
- Deriving RSA public keys from message-signature pairs☆338Updated last year
- A tool for embedding XXE/XML exploits into different filetypes☆1,102Updated 8 months ago