App with Server Side Template Injection (SSTI) vulnerability - possible RCE - in Flask. Free vulnerable app for ethical hacking / penetration testing training.
☆16Sep 15, 2022Updated 3 years ago
Alternatives and similar repositories for ssti-flask-hacking-playground
Users that are interested in ssti-flask-hacking-playground are comparing it to the libraries listed below
Sorting:
- Labs built in docker to cover NSE lessons☆11Nov 24, 2023Updated 2 years ago
- Scan4all Pro,Distributed, more optimized and faster☆13Oct 15, 2022Updated 3 years ago
- goby使用的go lib☆17Aug 5, 2021Updated 4 years ago
- LDAP Injection Vulnerability Application(Blog Sample Code)☆22Oct 4, 2018Updated 7 years ago
- Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …☆49Mar 8, 2022Updated 4 years ago
- Bybit API client library for Go (ByBit API connector)☆10Dec 19, 2025Updated 2 months ago
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228☆28Jul 20, 2022Updated 3 years ago
- This repository contains a collection of code examples and tutorials for programming in x86 assembly language☆31Jun 4, 2025Updated 9 months ago
- Fast subdomains enumeration tool for penetration testers☆30Feb 6, 2023Updated 3 years ago
- ☆11Feb 25, 2026Updated last week
- ☆10Jun 16, 2021Updated 4 years ago
- cmd tools for AWD☆14Jun 10, 2023Updated 2 years ago
- ☆11Sep 8, 2021Updated 4 years ago
- A NoSQL Injectable Node App☆42Jun 8, 2021Updated 4 years ago
- Jenkins WebInspect Plugin Publisher provides the ability to upload a WebInspect scan file, from your Jenkins server to your Fortify Softw…☆11Dec 23, 2025Updated 2 months ago
- Final year project in Magshimim, focusing on Python development and Web Exploitation.☆10Apr 29, 2023Updated 2 years ago
- Metasploit framework via HTTP services☆10Jul 31, 2021Updated 4 years ago
- A proof of concept for Joomla's CVE-2015-8562 vulnerability (Object Injection RCE)☆10May 3, 2024Updated last year
- goby对应的api☆34Mar 27, 2020Updated 5 years ago
- Pghostile is a tool to automate the exploitation of PostgreSQL® specific vulnerabilities that could lead to privilege escalation. It can …☆11Aug 17, 2023Updated 2 years ago
- Remote Code Execution EJS Web Applications using express-fileupload☆11Aug 17, 2021Updated 4 years ago
- ☆11Feb 10, 2022Updated 4 years ago
- Quake Command-Line Application With Golang☆10Jul 20, 2023Updated 2 years ago
- Another pentest of a vulnerable windows server☆15Sep 17, 2021Updated 4 years ago
- Speeding up identifying which binaries with a SUID flag may lead to root access☆15Aug 26, 2024Updated last year
- 🔎 Easy to use, minimalistic port scanner☆13Apr 20, 2018Updated 7 years ago
- Goby-Poc-Collection for Goby scanner https://github.com/gobysec/Goby - forked from many github accounts Thanks the authors☆12Dec 10, 2023Updated 2 years ago
- Tools that run inside the guest☆11Jan 2, 2020Updated 6 years ago
- Converts burp's sitemap to sulley's fuzzing script☆11Aug 30, 2015Updated 10 years ago
- XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04☆13Oct 16, 2018Updated 7 years ago
- 一款用Go实现的批量加载漏洞检测插件进行多线程扫描的框架。☆11Jan 20, 2024Updated 2 years ago
- A google dork parser that bypasses captcha's automatically.☆17Jul 15, 2025Updated 7 months ago
- Priv8 Tools Software Mass Dork Auto Exploit.☆13Feb 1, 2023Updated 3 years ago
- 基于机器学习的Webshell检测工具☆12May 15, 2023Updated 2 years ago
- Go实现用于Windows系统的进程隐藏工具,通过DLL注入技术将指定进程从任务管理器中隐藏☆26Jan 22, 2026Updated last month
- Parser library for 8SVX: digitally sampled audio voices consisting of 8-bit samples☆12Mar 2, 2024Updated 2 years ago
- ☆18Aug 15, 2025Updated 6 months ago
- Cracking PDF password protection via hashcat.☆14Dec 24, 2025Updated 2 months ago
- A playground website to learn how different parts of the scrollbar UI can be customized☆11Jun 15, 2025Updated 8 months ago