capture0x / SSTI-FINDER
This tool is designed to detect and identify Server-Side Template Injection (SSTI) vulnerabilities in web applications
☆8Updated last year
Alternatives and similar repositories for SSTI-FINDER
Users that are interested in SSTI-FINDER are comparing it to the libraries listed below
Sorting:
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.☆17Updated 2 years ago
- A small and an efficient tool to find SQL injection vulnerability in a websites.☆25Updated 2 years ago
- A small and efficient tool to find open redirect vulnerabilities.☆16Updated 3 years ago
- ☆14Updated last month
- 「💥」CVE-2022-33891 - Apache Spark Command Injection☆26Updated 2 years ago
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …☆35Updated last year
- Bxss Sniper: A web application penetration testing tool for Blind XSS detection☆20Updated last year
- A small and fast bash script to automate LFI vulnerability.☆11Updated 2 years ago
- PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal☆17Updated last year
- This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.☆16Updated 11 months ago
- Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)☆18Updated last year
- A tool for generating reverse shell payloads on the fly.☆10Updated 2 years ago
- Find subdomains by searching public certificate records☆16Updated 11 months ago
- xdebug 2.5.5 RCE exploit☆30Updated 3 months ago
- Automated Recon Tool Installer☆16Updated 2 years ago
- Template Nuclei SSTI☆29Updated last year
- An Exploitation script developed to exploit the CVE-2023-4966 bleed citrix information disclosure vulnerability☆9Updated last year
- A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticat…☆8Updated last year
- PathBuster - multiple hosts Web path scanner☆22Updated 11 months ago
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties☆18Updated 11 months ago
- A BurpSuite extension for vulnerability Scanning☆27Updated last year
- Apache OfBiz Auth Bypass Scanner for CVE-2023-51467☆11Updated last year
- "🔍 Subtron: Bash-driven subdomain seeker. Utilizes Subfinder, Amass, Assetfinder, and HTTPX to swiftly uncover live domains. Results sto…☆23Updated last year
- ☆15Updated 2 years ago
- Find CVEs that don't have a Detectify modules.☆22Updated 2 years ago
- Simple python OSINT tool for urls recon thanks to the waybackmachine.☆41Updated last year
- Generating Sub-Sub-Subdomain + validating all of them☆10Updated 2 years ago
- Automate your subdomain enumeration, subdomain takeover, management, nuclei, etc. in one go.☆10Updated 2 years ago
- Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: …☆9Updated last year
- A PHP script demonstrating cookie stealing by capturing and logging request information, including the victim's cookie, IP address, HTTP …☆35Updated last year