Websites Vulnerability Scanner

App with Server Side Template Injection (SSTI) vulnerability - possible RCE - in Flask. Free vulnerable app for ethical hacking / penetration testing training.

An Intentionally Vulnerable SSTI application for a beginner to an experienced.

JAVA SSTI obfuscation tool

Exploit against Grav CMS (versions below 1.7.45) that allows Remote Code Execution for an authenticated user - CVE-2024-28116

A cybersecurity tool for Server Side Template Injection (SSTI) vulnerabilities. It was created in Python with the purpose of exploiting a machine on the HackTheBox platform.