Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
☆129Jan 10, 2023Updated 3 years ago
Alternatives and similar repositories for template-injection-workshop
Users that are interested in template-injection-workshop are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Workshop given at Hack in Paris 2019☆126Jun 8, 2023Updated 3 years ago
- bruteforce the admin panel☆15Jun 6, 2018Updated 8 years ago
- My CTF Challenges☆16Nov 6, 2024Updated last year
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆347Nov 20, 2022Updated 3 years ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Random utilities from my security projects that might be useful to others☆183Jan 26, 2025Updated last year
- Client Side Prototype Pollution Scanner☆529Sep 17, 2022Updated 3 years ago
- An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.☆220Nov 3, 2020Updated 5 years ago
- Java XMLDecoder payload generator☆16Jul 27, 2021Updated 4 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆616Mar 4, 2021Updated 5 years ago
- 本程序在后台持续运行,通过headless chrome获取hackerone最新漏洞,发送邮件给安全人员。☆16Updated this week
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆980Dec 31, 2021Updated 4 years ago
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- The project aims at creating target-specific wordlists for any web application that you are testing.☆66May 28, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆358Oct 14, 2020Updated 5 years ago
- A tool to find redirection chains in multiple URLs☆79Jan 1, 2025Updated last year
- ☆29Jan 10, 2023Updated 3 years ago
- Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星,谢谢。)☆13Oct 21, 2024Updated last year
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 3 years ago
- ☆13Jan 3, 2021Updated 5 years ago
- HTTP requests of FrontPage expolit☆26Dec 19, 2013Updated 12 years ago
- ☆11Dec 25, 2020Updated 5 years ago
- 收集规则☆30Dec 8, 2022Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- OWASP Amass data source scripts (assetfinder, findomain, github, subfinder)☆106Oct 18, 2020Updated 5 years ago
- ☆563Mar 27, 2025Updated last year
- Spring Boot Actuator + Spring Cloud Vul Env☆19Dec 25, 2019Updated 6 years ago
- ☆13Oct 3, 2023Updated 2 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆186Jun 22, 2022Updated 4 years ago
- Tool to extract & validate google fcm server keys from apks☆31Jan 20, 2021Updated 5 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆167Mar 5, 2021Updated 5 years ago
- ☆66Aug 25, 2021Updated 4 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆11Aug 18, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- This tool downloads, installs, and configures a shiny new copy of Chromium.☆478Apr 3, 2024Updated 2 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆661Feb 21, 2024Updated 2 years ago
- Burp extension to decode NTLM SSP headers and extract domain/host information☆31Mar 11, 2021Updated 5 years ago
- Easily schedule commands to run multiple times at set intervals (like a cronjob, but with one command)☆84Apr 5, 2021Updated 5 years ago
- shw's CTF challenges☆27Apr 5, 2021Updated 5 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,505Oct 12, 2024Updated last year
- A collection of tools to perform searches on GitHub.☆1,493Feb 9, 2023Updated 3 years ago