capture0x / SSTI-FINDER
This tool is designed to detect and identify Server-Side Template Injection (SSTI) vulnerabilities in web applications
☆9Updated last year
Alternatives and similar repositories for SSTI-FINDER:
Users that are interested in SSTI-FINDER are comparing it to the libraries listed below
- xdebug 2.5.5 RCE exploit☆30Updated last month
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.☆17Updated 2 years ago
- Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: …☆10Updated last year
- This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.☆15Updated 9 months ago
- ☆13Updated last year
- Bxss Sniper: A web application penetration testing tool for Blind XSS detection☆18Updated last year
- A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticat…☆10Updated 9 months ago
- This tool allows you to find ssti vulnerability with ease!☆20Updated 2 years ago
- Template Nuclei SSTI☆29Updated last year
- A small and efficient tool to find open redirect vulnerabilities.☆16Updated 3 years ago
- Automatic Mass Tool for check and exploiting vulnerability in CVE-2023-3076 - MStore API < 3.9.9 - Unauthenticated Privilege Escalation (…☆17Updated last year
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …☆32Updated last year
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties☆17Updated 8 months ago
- hacking tools☆14Updated 2 years ago
- ☆16Updated last year
- RSEScan is a command-line utility for interacting with the RSECloud. It allows you to fetch subdomains and IPs from certificates for a gi…☆16Updated 8 months ago
- A small and fast bash script to automate LFI vulnerability.☆11Updated 2 years ago
- "🔍 Subtron: Bash-driven subdomain seeker. Utilizes Subfinder, Amass, Assetfinder, and HTTPX to swiftly uncover live domains. Results sto…☆22Updated last year
- Simple-XSS is a multiplatform cross-site scripting (XSS) vulnerability exploitation tool.☆45Updated 8 months ago
- Generating Sub-Sub-Subdomain + validating all of them☆10Updated 2 years ago
- CVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover☆27Updated 6 months ago
- crawl a website for links and expose all the vulnerable parameters.☆13Updated 2 years ago
- xsschecker tool checking reflected endpoints finding possible xss vulnerable endpoints.☆21Updated 3 months ago
- ☆14Updated last year
- Quick tool to create custom wordlists like how fuzzers work☆11Updated last year
- A small and an efficient tool to find SQL injection vulnerability in a websites.☆26Updated 2 years ago
- Simple python OSINT tool for urls recon thanks to the waybackmachine.☆38Updated last year
- Scanner for Log4j RCE CVE-2021-44228☆11Updated 2 years ago
- Simple recon tool automates your recon process☆16Updated last year