Automatic SSTI detection tool with interactive interface
Updated Apr 25, 2026 - Python
Check your WAF before an attacker does
CTF Cheat Sheet + Writeups / Files for some of the Security CTFs that I've done
Waymap is a fast and optimized web vulnerability scanner built for penetration testers. It helps in identifying vulnerabilities by testing against various payloads.
Websites Vulnerability Scanner
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
XSS Finder Via SSTI
SSTI – Advanced / Polyglot Payloads
Static, offline security auditor for GGUF model chat templates. Detects silent behavioral backdoors and SSTI without rendering the template or running the model. Scanned all 185k GGUF models on Hugging Face: 24 real malicious templates, 0 false positives.
App with Server Side Template Injection (SSTI) vulnerability - possible RCE - in Flask. Free vulnerable app for ethical hacking / penetration testing training.
An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.
RCEPayloadGen is a context-aware RCE payload generator for authorized security testing, producing 20k+ targeted, executable payloads across 12 environments — with safety tiers, observable indicators, a benign detection mode, and metadata-rich output for validation, fuzzing, and pentest automation.
A script written in Python 3 to spread blind cross-site scripting payloads on HTTP request headers
This cheatsheet contains techniques, commands, and tools commonly used during web application penetration tests. It provides quick references to common vulnerabilities, exploitation techniques, and tools used in modern web application attacks.
is a PoC for CVE-2024-4040 tool for exploiting the SSTI vulnerability in CrushFTP