Daily Shaarli

All links of one day in a single page.

May 27, 2024

Talos - An Immutable OS for Kubernetes
thumbnail

Talos is an operating system for Kubernetes. It is designed to be lightweight, secure, and easy to use. In this article, I will introduce Talos and its features.

Privilege Escalation - Windows · Total OSCP Guide
PayloadsAllTheThings/Server Side Template Injection/README.md at master · swisskyrepo/PayloadsAllTheThings · GitHub
thumbnail

A list of useful payloads and bypass for Web Application Security and Pentest/CTF - PayloadsAllTheThings/Server Side Template Injection/README.md at master · swisskyrepo/PayloadsAllTheThings

Template Injection Table - Hackmanit
GitHub - vladko312/SSTImap: Automatic SSTI detection tool with interactive interface
thumbnail

Automatic SSTI detection tool with interactive interface - vladko312/SSTImap

Method Confusion In Go SSTIs Lead To File Read And RCE

Delve into OnSecurity's research on Go's server-side template injection vulnerabilities, revealing potential for file reads and RCE exploits. Read more now.

Server-Side Template Injection
thumbnail

Template engines are widely used by web applications to present dynamic data via web pages and emails. Unsafely embedding user input in templates enables Server-Side Template Injection, a frequently c

Introduction - bootc
Conor Hughes: "During lunch a friend mentioned that you can just…" - Mastodon @ SDF

During lunch a friend mentioned that you can just supply a HTTP URL to vim on the command line and it would use curl to download that resource and allow you to edit the content. I jokingly asked whether if you enter :w it would then issue a HTTP POST back to the origin which is of course ridiculous. It issues a PUT

FuzzySecurity | Windows Privilege Escalation Fundamentals
Windows Privilege Escalation For OSCP and beyond (Cheat Sheet)
thumbnail

This is a detailed cheat sheet for windows PE, its very handy in many certification like OSCP, OSCE and CRTE Checkout my personal notes on github, it’s a handbook i made using cherrytree that…

SSTI (Server Side Template Injection)
thumbnail
GitHub - epinna/tplmap: Server-Side Template Injection and Code Injection Detection and Exploitation Tool
thumbnail

Server-Side Template Injection and Code Injection Detection and Exploitation Tool - epinna/tplmap

GitHub - Hackmanit/TInjA: TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.
thumbnail

TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages. - Hackmanit/TInjA

How to Use Flask, a Lightweight Python Framework - The New Stack
thumbnail

This tutorial shows how to use Flask, a lightweight, minimalistic Python framework.

OSCP Privilege Escalation Guide. After you’ve popped a shell on an OSCP…
thumbnail

After you’ve popped a shell on an OSCP machine, chances are you are going to need to escalate your privileges before getting that sweet root.txt. I’ve noticed that a lot of PWK students tend to…

ssti-payloads/Intruder/ssti-payloads.txt at master · payloadbox/ssti-payloads · GitHub
thumbnail

🎯 Server Side Template Injection Payloads. Contribute to payloadbox/ssti-payloads development by creating an account on GitHub.

GitHub - Hackmanit/template-injection-table: The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.

The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities. - Hackmanit/template-injection-table

GitHub - DiogoMRSilva/websitesVulnerableToSSTI: Simple websites vulnerable to Server Side Template Injections(SSTI)
thumbnail

Simple websites vulnerable to Server Side Template Injections(SSTI) - DiogoMRSilva/websitesVulnerableToSSTI

serversidetemplateinjection.pdf
Kalender 2024 Hessen: Ferien, Feiertage, PDF-Vorlagen
thumbnail

Jahreskalender 2024 f�r Hessen mit Schulferien, Feiertagen, Kalenderwochen und PDF-Vorlagen zum Download und Ausdrucken (kostenlos)

Ilya 30u30