csv-injection-payloads
ssti-payloads
csv-injection-payloads | ssti-payloads | |
---|---|---|
2 | 1 | |
169 | 560 | |
1.8% | 1.8% | |
2.1 | 0.0 | |
11 months ago | about 1 year ago | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
csv-injection-payloads
- Does anyone know any good tools or practices to test for virus and/or malware in csv files that will be stored into our internal storage?
-
Microsoft's Small Step to Disable Macros Is a Win for Security
Further reading:
- https://owasp.org/www-community/attacks/CSV_Injection
- https://github.com/payloadbox/csv-injection-payloads
ssti-payloads
-
There are some script for automate SSTI attacks?
I'm doing a hackthebox challenge where you need to exploit Flask with SSTI. I searched for some SSTI payloads and found a lot of options.
What are some alternatives?
open_safety - An application to assist with securing script execution
sql-injection-payload-list - 🎯 SQL Injection Payload List
Windows-Sandbox-Utilities - A public repository for useful developments surrounding Windows Sandbox
xss-payload-list - 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
gvisor - Application Kernel for Containers
awesome-oneliner-bugbounty - A collection of awesome one-liner scripts especially for bug bounty tips.
bugbounty-cheatsheet - A list of interesting payloads, tips and tricks for bug bounty hunters.
bounty-targets-data - This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
WebHackersWeapons - ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
tplmap - NO LONGER MAINTAINED - a pentest tool to detect and exploit SSTI
IntruderPayloads - A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
HowToHunt - Collection of methodology and test case for various web vulnerabilities.