Overview
Write Ups Compilations/Resources
Main Resources
Labs
Cross Site Request Forgery
- Cross Site Request Forgery (CSRF)
Missing Access Controls
- Missing Access Controls
LFI / Directory Traversal
- Local File Inclusion
XXE
- XML External Entity (XXE)
Injection
SSRF
- Server-Side Request Forgery (SSRF)
  - SSRF Write-ups
  - Source Code Review
Unvalidated Redirects and Forwards
- Unvalidated Redirects and Forwards
  - Writeups
  - Source Code Examples
Verbose Error Messages and Stack Traces
- Verbose Error Messages and Stack Traces
  - Write-ups

Powered by GitBook

On this page

Was this helpful?

Injection

Server-Side Template Injection

Resources

PreviousLabs NextPayloads

Last updated 3 years ago

Server-Side Template InjectionPortSwigger Research

WSTG - v4.1 | OWASP Foundation

Server Side Template Injection - A Crash course! | we45we45

PayloadsAllTheThings/Server Side Template Injection at master · swisskyrepo/PayloadsAllTheThingsGitHub

Exploring SSTI in Flask/Jinja2, Part II

Gaining Shell using Server Side Template Injection (SSTI)Medium

Exploring SSTI in Flask/Jinja2

SSTI in Flask/Jinja2Medium

SSTI (Server Side Template Injection)HackTricks