payloadbox / ssti-payloads
π― Server Side Template Injection Payloads
β634Updated 8 months ago
Alternatives and similar repositories for ssti-payloads:
Users that are interested in ssti-payloads are comparing it to the libraries listed below
- π― XML External Entity (XXE) Injection Payload Listβ1,153Updated 8 months ago
- π― RFI/LFI Payload Listβ570Updated 8 months ago
- π― Open Redirect Payload Listβ567Updated 8 months ago
- Because just a dark theme wasn't enough!β560Updated 3 months ago
- Tool to help exploit XXE vulnerabilitiesβ556Updated 2 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attackβ706Updated last year
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)β597Updated last year
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlistβ1,326Updated 3 weeks ago
- Nuclei plugin for BurpSuiteβ1,228Updated 6 months ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)β389Updated 2 years ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grepβ1,273Updated 6 months ago
- Nuclei Templates Collectionβ960Updated 10 months ago
- List of XSS Vectors/Payloadsβ1,222Updated 3 months ago
- Quick SQLMap Tamper Suggesterβ1,366Updated 2 years ago
- Automated & Manual Wordlists provided by Assetnoteβ1,404Updated 8 months ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suiteβ725Updated 3 years ago
- β878Updated 9 months ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ860Updated 3 years ago
- A wordlist of API names for web application assessmentsβ801Updated last month
- Burp plugin able to find reflected XSS on page in real-time while browsing on siteβ1,149Updated 4 years ago
- Automation for javascript recon in bug bounty.β969Updated last year
- Local file inclusion exploitation toolβ851Updated last year
- declutters url lists for crawling/pentestingβ1,321Updated last month
- Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease appliβ¦β242Updated 4 months ago
- Burp Extension for a passive scanning JS files for endpoint links.β771Updated last year
- HackerOne "in scope" domainsβ439Updated this week
- List DTDs and generate XXE payloads using those local DTDs.β621Updated last year
- This a adaption of tomnomnom's kxss tool with a different output formatβ456Updated last year
- A fuzzer for detecting open redirect vulnerabilitiesβ738Updated 9 months ago
- An IIS short filename enumeration toolβ900Updated 4 months ago