ssti-payloads
bounty-targets-data
ssti-payloads | bounty-targets-data | |
---|---|---|
1 | 1 | |
560 | 2,977 | |
1.8% | - | |
0.0 | 0.0 | |
about 1 year ago | 6 days ago | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ssti-payloads
-
There are some script for automate SSTI attacks?
I'm doing a hackthebox challenge where you need to exploit Flask with SSTI. I searched for some SSTI payloads and found a lot of options.
bounty-targets-data
-
Mass testing for bugs
There's also this to have a look at.
What are some alternatives?
sql-injection-payload-list - 🎯 SQL Injection Payload List
awesome-vulnerable-apps - Awesome Vulnerable Applications
xss-payload-list - 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
qubes-issues - The Qubes OS Project issue tracker
awesome-oneliner-bugbounty - A collection of awesome one-liner scripts especially for bug bounty tips.
dora - Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
bugbounty-cheatsheet - A list of interesting payloads, tips and tricks for bug bounty hunters.
jsprit - jsprit is a java based, open source toolkit for solving rich vehicle routing problems
WebHackersWeapons - ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting
discord-bugs-exploits - A Collection of Various Discord Bugs, Exploits, Un-Documented Parts of the Discord API, and Other Discord Related Miscellaneous Stuff.
tplmap - NO LONGER MAINTAINED - a pentest tool to detect and exploit SSTI
Galaxy-Bugbounty-Checklist - Tips and Tutorials for Bug Bounty and also Penetration Tests.