Results for "ssti"

Claude Code Claude Desktop GitHub Copilot Cursor Windsurf Cline Zed JetBrains

📄SKILL.md 🤖CLAUDE.md ⚡Claude Commands 📐.cursorrules 📐Cursor Rules 🕹️AGENTS.md 🧬codex.md 🏄.windsurfrules 🔧.clinerules 🧑‍✈️Copilot Instructions

All Development Operations Data Product Marketing Customer Design Sales

98 skills found · Page 1 of 4

nemesida-waf / Waf Bypass

1.5k

Check your WAF before an attacker does

universal

api-security-testingbypassgraphql-injection+13

Updated 7d ago

vladko312 / SSTImap

1.4k

Automatic SSTI detection tool with interactive interface

universal

information-securitypenetration-testingpenetration-testing-tools+7

Updated 6h ago

1ndianl33t / Gf Patterns

1.4k

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

universal

Updated 5d ago

Marven11 / Fenjing

1.3k

专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF

universal

ctfjinja2python+4

Updated 3h ago

Adamkadaban / CTFs

813

CTF Cheat Sheet + Writeups / Files for some of the Cyber CTFs that I've done

universal

binary-exploitationcheatsheetcloud+17

Updated 2d ago

R0X4R / Garud

804

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

universal

assetfinderbash-scriptbugbounty+11

Updated 12d ago

Lotus6 / JavaGadgetGenerator

555

JavaGadgetGenerator 工具，支持 ysoserial，Hessian，字节码，Expr/SSTI，Shiro，JDBC 等 Gadget 生成，封装，混淆，出网延迟探测，内存马注入等...

universal

Updated 8h ago

DiogoMRSilva / WebsitesVulnerableToSSTI

417

Simple websites vulnerable to Server Side Template Injections(SSTI)

universal

securityssti

Updated 1mo ago

pikpikcu / XRCross

351

universal

bugbountybugbounty-toolcheck-subdomains+12

Updated 9d ago

Yt1g3r / CVE 2019 3396 EXP

174

CVE-2019-3396 confluence SSTI RCE

universal

confluencecve-2019-3396exp+1

Updated 2mo ago

unix-ninja / Shellfire

173

An exploitation shell focusing on exploiting command injection vulnerabilities, eg., LFI, RFI, SSTI, etc.

universal

Updated 1mo ago

X3NNY / Sstilabs

123

A lab to help you learning SSTI

universal

Updated 11d ago

TrixSec / Waymap

117

Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.

zed

bypasscommand-injectioncommand-injection-scanner+17

Updated 8d ago

B0T1eR / YsoSimple

108

ysoSimple：简易的Java漏洞利用工具，集成Java反序列化，Hessian反序列化，XStream反序列化，SnakeYaml反序列化，Shiro550，JSF反序列化，SSTI模板注入，JdbcAttackPayload，JNDIAttack，字节码生成。

universal

Updated 19d ago

p3n73st3r / Ghazi

107

Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab Will Replace Every GET or POST Parameters With Selected TAB in "Proxy" or "Repeater" TAB

universal

Updated 4mo ago

vladko312 / Research Successful Errors

Clear and obvious name of the exploitation technique can create a false sense of familiarity, even if its true potential was never researched, the technique itself is never mentioned and payloads are limited to a couple of specific examples. This research focuses on two such techniques for Code Injection and SSTI.

universal

Updated 1d ago