Swissky
32d9f7550d
XPATH + XSS + XXE + XSLT
2024-11-30 21:14:51 +01:00
Swissky
9425cec068
Handlebars - Basic Injection
2024-11-25 18:42:36 +01:00
Swissky
6bfad6a84d
SSTI - SpEL
2024-11-25 13:56:29 +01:00
Swissky
a338b2f12a
Normalize page header for SSTI, SAML, SSI
2024-11-10 19:14:16 +01:00
Swissky
b2bb1df9a9
References addded for SQLi, Upload, SSTI, Type Juggling
2024-11-07 20:54:16 +01:00
Swissky
138fbd97f9
Account Takeover References
2024-11-03 21:22:14 +01:00
Swissky
21dfd91180
SSTI references updates
2024-11-03 20:54:01 +01:00
Swissky
d77ef2c4fc
Templating Libraries Tables
2024-11-02 17:42:18 +01:00
Alexandre ZANNI
eca0bd1b36
SSTI: engine detection
2024-11-01 22:20:50 +01:00
Swissky
6ee918b060
SSTI update
2024-10-23 14:17:18 +02:00
Swissky
7ec97bb77e
SSTI - Pages splitted by technology
2024-10-23 13:59:18 +02:00
Swissky
97cfeee270
Tools Update
2024-01-21 21:39:23 +01:00
Maximilian Hildebrand
db1357bb3c
Added TInjA and the Template Injection Table
...
Both are novel tools to help Pentesters / Bug bounty hunters to detect template injections
2023-12-03 13:15:47 +01:00
2h0ng
34da0e2708
Update Lodash SSTI
...
Update Lodash SSTI
2023-09-02 21:24:59 -04:00
KeoOp
598d2ca3fa
Update README.md
2023-06-07 14:15:07 +08:00
Rémi GASCOU (Podalirius)
b3f98adf0c
SSTI / jinja2 : Removed dot in lipsum.__globals__.["os"]
2023-05-09 20:15:02 +02:00
Rémi GASCOU (Podalirius)
9c2b040242
Adding Jinja2 RCE through lipsum in Templates
2023-05-09 18:34:35 +02:00
Tom Wilford
c1dc141e13
Added 'passthru' filter exploits
2023-04-28 14:47:59 +01:00
Swissky
a38701a7e2
MOTD + SpEL injection
2023-02-20 17:21:43 +01:00
Alexandre ZANNI
89782643c9
SSTI: add some jinja2 examples
2023-01-28 15:29:54 +01:00
Swissky
ec7c363aba
Merge pull request #592 from oddrabbit/patch-1
...
Added in Spring Framework SSTI Detection & Exploitation
2022-12-28 10:55:13 +01:00
Swissky
996c83bb4b
Update README.md
2022-12-28 10:54:48 +01:00
Swissky
f318f8bcc0
Update README.md
2022-12-27 18:26:13 +01:00
Aur0ra
29c23ac7fd
Update README.md
2022-12-27 18:30:20 +08:00
OddRabbit
b672771a1b
Update README.md
2022-10-28 00:07:26 +11:00
Fabian S. Varon Valencia
8136e462c2
remove old link, I can't find a replacement url
2022-10-26 20:36:52 -05:00
Fabian S. Varon Valencia
3822c27634
update old url's
2022-10-26 20:36:15 -05:00
Swissky
8df30de938
Remove deadlink
2022-10-21 12:16:32 +02:00
Urmalveer Singh
4e5521deae
Fix: Broken Link
...
Changed name in summary links: Django Template > Django Templates
Fixed corresponding link: #django-template > #django-templates
2022-10-18 14:38:10 +05:30
Swissky
6dd5c18b45
Normalize Titles
2022-10-12 12:13:55 +02:00
Swissky
4ed3e3b6b9
Blind SSTI Jinja
2022-10-02 12:24:39 +02:00
Alexandre ZANNI
3e68276fb7
add 3 template engines + add lang in menu
2022-09-21 11:28:57 +02:00
Swissky
e11a37e6a2
Merge pull request #515 from vladko312/patch-1
...
Added a new SSTI tool
2022-09-07 14:01:09 +02:00
Techbrunch
7850928d41
Add detection
2022-08-30 13:54:59 +02:00
Techbrunch
871b3bcaf2
Add Django Templates SSTI
2022-08-30 13:50:03 +02:00
Wlayzz
961d935623
Update java ssti
...
fix little inattention
2022-08-19 16:22:39 +02:00
Wlayzz
8d70f262ae
Update Java SSTI
...
Adding variable expressions alternative for java injection
2022-08-19 15:04:52 +02:00
Swissky
6650c361e7
Capture a network trace with builtin tools
2022-08-15 15:02:29 +02:00
Swissky
683167d4e9
Merge pull request #521 from mh4ckt3mh4ckt1c4s/ssti-detection
...
Add SSTI detection payload + related resource
2022-08-09 22:09:15 +02:00
its0x08
fc1f3b25a7
fix: Fix spelling
2022-08-09 11:02:21 +02:00
mh4ckt3mh4ckt1c4s
9d274a39a4
Add SSTI detection payload + related resource
2022-08-05 20:05:20 +02:00
s. vewa
33d632df4e
Twig in Wordpress
...
Was very unsuccessful with the given Twig examples, quotes were escaped so got invalid, file_excerpt threw an error, too. Include and also injecting the file name helped. Don't know if this is a wordpress thing...
2022-07-24 12:30:09 +02:00
Vladislav Korchagin
7b79bce819
Update README.md
2022-07-17 18:35:59 +03:00
0x-nope
59cae2ddb4
Update README.md
2022-04-20 09:42:58 +02:00
0x-nope
3db4d04467
added Groovy EL section
2022-03-04 17:39:28 +01:00
ahronmoshe
a26867fdf9
Update README.md
2021-10-26 20:35:04 +03:00
p0dalirius
9ce58c14ef
Update ssti.fuzz
2021-10-04 09:21:10 +02:00
p0dalirius
36dc8742c1
Update ssti.fuzz
2021-10-04 09:21:10 +02:00
p0dalirius
e65c5ed291
Update ssti.fuzz
2021-10-04 09:21:10 +02:00
p0dalirius
704a7415cf
Update ssti.fuzz
2021-10-04 09:21:10 +02:00