Stoeps' Links

Talos - An Immutable OS for Kubernetes

Talos is an operating system for Kubernetes. It is designed to be lightweight, secure, and easy to use. In this article, I will introduce Talos and its features.

k8s · immutable

May 27, 2024 at 8:49:21 AM GMT+2 * · permalink

https://a-cup-of.coffee/blog/talos/#what-is-talos

FuzzySecurity | Windows Privilege Escalation Fundamentals

https://fuzzysecurity.com/tutorials/16.html

windows · privilege-escalation

May 27, 2024 at 8:49:20 AM GMT+2 * · permalink

https://fuzzysecurity.com/tutorials/16.html

OSCP Privilege Escalation Guide. After you’ve popped a shell on an OSCP…

After you’ve popped a shell on an OSCP machine, chances are you are going to need to escalate your privileges before getting that sweet root.txt. I’ve noticed that a lot of PWK students tend to…

windows · privilege-escalation

May 27, 2024 at 8:49:19 AM GMT+2 * · permalink

https://c0nd4.medium.com/oscp-privilege-escalation-guide-4b3623f57d71

Windows Privilege Escalation For OSCP and beyond (Cheat Sheet)

This is a detailed cheat sheet for windows PE, its very handy in many certification like OSCP, OSCE and CRTE Checkout my personal notes on github, it’s a handbook i made using cherrytree that…

windows · privilege-escalation

May 27, 2024 at 8:49:19 AM GMT+2 * · permalink

https://medium.com/@saintlafi/windows-privilege-escalation-for-oscp-and-beyond-cheat-sheet-b2c4a025dc6c

Privilege Escalation - Windows · Total OSCP Guide

https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_windows.html

windows · privilege-escalation

May 27, 2024 at 8:49:18 AM GMT+2 * · permalink

https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_windows.html

ssti-payloads/Intruder/ssti-payloads.txt at master · payloadbox/ssti-payloads · GitHub

🎯 Server Side Template Injection Payloads. Contribute to payloadbox/ssti-payloads development by creating an account on GitHub.

ssti

May 27, 2024 at 8:49:17 AM GMT+2 * · permalink

https://github.com/payloadbox/ssti-payloads/blob/master/Intruder/ssti-payloads.txt

PayloadsAllTheThings/Server Side Template Injection/README.md at master · swisskyrepo/PayloadsAllTheThings · GitHub

A list of useful payloads and bypass for Web Application Security and Pentest/CTF - PayloadsAllTheThings/Server Side Template Injection/README.md at master · swisskyrepo/PayloadsAllTheThings

ssti

May 27, 2024 at 8:49:17 AM GMT+2 * · permalink

https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/README.md#freemarker

SSTI (Server Side Template Injection)

https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection

ssti

May 27, 2024 at 8:49:16 AM GMT+2 * · permalink

https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection

GitHub - epinna/tplmap: Server-Side Template Injection and Code Injection Detection and Exploitation Tool

Server-Side Template Injection and Code Injection Detection and Exploitation Tool - epinna/tplmap

ssti

May 27, 2024 at 8:49:15 AM GMT+2 * · permalink

https://github.com/epinna/tplmap

GitHub - Hackmanit/template-injection-table: The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.

The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities. - Hackmanit/template-injection-table

ssti

May 27, 2024 at 8:49:15 AM GMT+2 * · permalink

https://github.com/Hackmanit/template-injection-table

Template Injection Table - Hackmanit

https://cheatsheet.hackmanit.de/template-injection-table/

ssti

May 27, 2024 at 8:49:14 AM GMT+2 * · permalink

https://cheatsheet.hackmanit.de/template-injection-table/

GitHub - vladko312/SSTImap: Automatic SSTI detection tool with interactive interface

Automatic SSTI detection tool with interactive interface - vladko312/SSTImap

ssti

May 27, 2024 at 8:49:13 AM GMT+2 * · permalink

https://github.com/vladko312/sstimap

GitHub - Hackmanit/TInjA: TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages.

TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines for eight different programming languages. - Hackmanit/TInjA

ssti

May 27, 2024 at 8:49:13 AM GMT+2 * · permalink

https://github.com/Hackmanit/TInjA

GitHub - DiogoMRSilva/websitesVulnerableToSSTI: Simple websites vulnerable to Server Side Template Injections(SSTI)

Simple websites vulnerable to Server Side Template Injections(SSTI) - DiogoMRSilva/websitesVulnerableToSSTI

ssti

May 27, 2024 at 8:49:12 AM GMT+2 * · permalink

https://github.com/DiogoMRSilva/websitesVulnerableToSSTI

Method Confusion In Go SSTIs Lead To File Read And RCE

Delve into OnSecurity's research on Go's server-side template injection vulnerabilities, revealing potential for file reads and RCE exploits. Read more now.

ssti

May 27, 2024 at 8:49:12 AM GMT+2 * · permalink

https://www.onsecurity.io/blog/go-ssti-method-research/

Server-Side Template Injection

Template engines are widely used by web applications to present dynamic data via web pages and emails. Unsafely embedding user input in templates enables Server-Side Template Injection, a frequently c

ssti

May 27, 2024 at 8:49:11 AM GMT+2 * · permalink

https://portswigger.net/research/server-side-template-injection