Automatic SSTI detection tool with interactive interface
-
Updated
Apr 25, 2026 - Python
Automatic SSTI detection tool with interactive interface
Check your WAF before an attacker does
CTF Cheat Sheet + Writeups / Files for some of the Security CTFs that I've done
Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.
Websites Vulnerability Scanner
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
XSS Finder Via SSTI
SSTI – Advanced / Polyglot Payloads
Static, offline security auditor for GGUF model chat templates. Detects silent behavioral backdoors and SSTI without rendering the template or running the model. Scanned all 185k GGUF models on Hugging Face: 24 real malicious templates, 0 false positives.
App with Server Side Template Injection (SSTI) vulnerability - possible RCE - in Flask. Free vulnerable app for ethical hacking / penetration testing training.
An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.
RCEKit — an RCE testing toolkit for authorized security testing. Generate context- and sink-aware payloads across 14 environments, deliver them (Burp/Nuclei export or the built-in --verify harness), and auto-confirm execution — including blind/out-of-band callbacks via the built-in listener.
A script written in python3 to spread blind cross-site scripting payloads on HTTP requests headers
This cheatsheet contains techniques, commands, and tools commonly used during web application penetration tests. It provides quick references to common vulnerabilities, exploitation techniques, and tools used in modern web application attacks.
is a PoC for CVE-2024-4040 tool for exploiting the SSTI vulnerability in CrushFTP
Add a description, image, and links to the ssti topic page so that developers can more easily learn about it.
To associate your repository with the ssti topic, visit your repo's landing page and select "manage topics."