Continuing the series on Server-Side Template Injection (SSTI) based on the PortSwigger Web Security Academy labs. This is the 6th in the series and we’re stepping up to an expert level lab. We’ve moved past rudimentary injection attacks and moved…
This is the write up for the PortSwigger Web Security Academy 5th lab in the series for Server-Side Template Injection (SSTI). This one is definitely a step up in complexity. This goes beyond identifying the location for the injection and…
This is the fourth lab from the PortSwigger Web Security Academy on SSTI or Server Side Template Injection. This lab solves in almost exactly the same way as the previous labs – it’s a matter of finding where the vulnerability…
This is the third blog post covering server-side template injection and the associated PortSwigger Web Security Academy labs. This one, to me, is a lot like the last one. Like – exactly. That’s ok, though, as practice makes permanent. And…
Time for the second blog post as in regards to Server-Side Template Injection. This next lab goes a little deeper than the first. For the first lab, all we had to do was identify where a template may be in…