capture0x / SSTI-FINDER
This tool is designed to detect and identify Server-Side Template Injection (SSTI) vulnerabilities in web applications
☆8Updated last year
Alternatives and similar repositories for SSTI-FINDER:
Users that are interested in SSTI-FINDER are comparing it to the libraries listed below
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.☆17Updated 2 years ago
- A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticat…☆8Updated 11 months ago
- xdebug 2.5.5 RCE exploit☆30Updated 3 months ago
- RSEScan is a command-line utility for interacting with the RSECloud. It allows you to fetch subdomains and IPs from certificates for a gi…☆16Updated 10 months ago
- ☆13Updated last month
- Simple python OSINT tool for urls recon thanks to the waybackmachine.☆39Updated last year
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …☆35Updated last year
- This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.☆16Updated 11 months ago
- Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: …☆9Updated last year
- Bxss Sniper: A web application penetration testing tool for Blind XSS detection☆20Updated last year
- A small and an efficient tool to find SQL injection vulnerability in a websites.☆25Updated 2 years ago
- 「💥」CVE-2022-33891 - Apache Spark Command Injection☆26Updated 2 years ago
- A BurpSuite extension for vulnerability Scanning☆27Updated last year
- Simple recon tool automates your recon process☆16Updated 2 years ago
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties☆18Updated 10 months ago
- xsschecker tool checking reflected endpoints finding possible xss vulnerable endpoints.☆21Updated 5 months ago
- ☆15Updated last year
- Check if domain has bug bounty program or not☆27Updated last year
- XSS Finder Via SSTI☆55Updated last year
- A 1 Liner SQL Injection Attack using SQLMAP and various parameters that helps quickly check for a vulnerabilities during Bug Bounty☆39Updated 7 months ago
- A small and fast bash script to automate LFI vulnerability.☆11Updated 2 years ago
- ☆21Updated 2 years ago
- Find subdomains by searching public certificate records☆16Updated 10 months ago
- Simple-XSS is a multiplatform cross-site scripting (XSS) vulnerability exploitation tool.☆47Updated 10 months ago
- Find CVEs that don't have a Detectify modules.☆21Updated 2 years ago
- Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)☆18Updated last year
- A bash script that automates the process of service discovery on specified target hosts. The aim of the scripts is reducing scan time, in…☆13Updated 4 months ago
- CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)☆29Updated last year
- This tool allows you to find ssti vulnerability with ease!☆20Updated 2 years ago
- Automatic Mass Tool for check and exploiting vulnerability in CVE-2023-3076 - MStore API < 3.9.9 - Unauthenticated Privilege Escalation (…☆17Updated last year