Websites Vulnerability Scanner

Achieve the concept of security of web coding through this project.

An Intentionally Vulnerable SSTI application for a beginner to an experienced.

Exploit against Grav CMS (versions below 1.7.45) that allows Remote Code Execution for an authenticated user - CVE-2024-28116

Voyager.js is a Node.js script designed for testing URLs for template injection vulnerabilities. It automates the process of appending known injection strings to URLs and monitors the responses for signs of successful injection.

A cybersecurity tool for Server Side Template Injection (SSTI) vulnerabilities. It was created in Python with the purpose of exploiting a machine on the HackTheBox platform.

JAVA SSTI obfuscation tool

App with Server Side Template Injection (SSTI) vulnerability - possible RCE - in Flask. Free vulnerable app for ethical hacking / penetration testing training.

A collection of payloads for different vulnerabilities, best payload lists in one repository