all InfoSec news
SSTI -Bypassing Single Quotes Filter
Oct. 15, 2023, 4:34 p.m. | Arun balaji
InfoSec Write-ups - Medium infosecwriteups.com
In this blog , I would like to showcase how you can successfully exploit a Server-side template injection without using single quotes.
Hello, everyone! Today, I’m going to demonstrate how you can exploit a server-side template injection vulnerability, even when certain characters are blacklisted. Let’s get started.
What is SSTI?
Server-side template injection (SSTI) is a web application vulnerability that allows attackers to exploit templates by injecting malicious payloads.
Impact of SSTI?
When developers fail to properly sanitize and validate …
More from infosecwriteups.com / InfoSec Write-ups - Medium
Honeypots 101: A Beginner’s Guide to Honeypots
4 days, 10 hours ago |
infosecwriteups.com
No Dev Team? No Problem: Writing Malware and Anti-Malware With GenAI
4 days, 22 hours ago |
infosecwriteups.com
Devvortex Hackthebox Walkthrough
5 days, 11 hours ago |
infosecwriteups.com
Port Scanning for Bug Bounties
5 days, 11 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
Cybersecurity Consultant
@ Devoteam | Cité Mahrajène, Tunisia
GTI Manager of Cybersecurity Operations
@ Grant Thornton | Phoenix, AZ, United States
(Senior) Director of Information Governance, Risk, and Compliance
@ SIXT | Munich, Germany
Information System Security Engineer
@ Space Dynamics Laboratory | North Logan, UT
Intelligence Specialist (Threat/DCO) - Level 3
@ Constellation Technologies | Fort Meade, MD
Cybersecurity GRC Specialist (On-site)
@ EnerSys | Reading, PA, US, 19605