| | Payloads | ssti-payloads |
|---|---|---|
| | 1 | 1 |
| Stars | 840 | 560 |
| Growth | - | 1.8% |
| Activity | 3.7 | 0.0 |
| | about 1 year ago | about 1 year ago |
| Language | PHP | |
| License | - | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
There are some script for automate SSTI attacks?
I'm doing a hackthebox challenge where you need to exploit Flask with SSTI. I searched for some SSTI payloads and found a lot of options.
What are some alternatives?
PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
sql-injection-payload-list - 🎯 SQL Injection Payload List
Garud - An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
xss-payload-list - 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
malicious-pdf - 💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
awesome-oneliner-bugbounty - A collection of awesome one-liner scripts especially for bug bounty tips.
bugbounty-cheatsheet - A list of interesting payloads, tips and tricks for bug bounty hunters.
bounty-targets-data - This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
WebHackersWeapons - ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking, Happy bug-hunting
tplmap - NO LONGER MAINTAINED - a pentest tool to detect and exploit SSTI
IntruderPayloads - A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
HowToHunt - Collection of methodology and test case for various web vulnerabilities.