WAPT-E12 | A3-Server Side Template Injection (SSTI) | php, python demo | Tamil

#owasp #ssti #Tamil Chapters: 0:00 Introduction 0:50 Monolothic Code 2:24 MVC 4:00 PHP Laravel MVC Code 9:32 Python Django MVC Code 12:23 What is Template Engine 13:58 Template Types 14:52 What is SSTI? 17:06 SSTI Methodology 17:20 Step 1 Detect 21:07 Step 2 Identify 24:24 Step 3 Exploit 27:35 PHP Twig Demo 31:16 Python Tornado Demo 34:25 Tools 35:05 Root cause 35:40 Impact References: https://portswigger.net/research/server-side-template-injection https://gosecure.github.io/ https://github.com/epinna/tplmap Join this channel to get access to perks: https://www.youtube.com/channel/UC2kbWdEc2-oHKfxw6oxZT9w/join All the notes shown in the videos are available in below GitHub link https://github.com/cyberblackhole/youtube-content Join this channel to get access to perks: https://www.youtube.com/channel/UC2kbWdEc2-oHKfxw6oxZT9w/join Checkout my playlists -------------------------------------------------------------- Network Playlist: https://www.youtube.com/watch?v=Zzv4mRwqsls&list=PL03nA5zQQWtQP2LVQf8aGk2JWxhPyq3qI Python Playlist: https://www.youtube.com/watch?v=rK05jO0wYxU&list=PL03nA5zQQWtQWuPegomv_5X9FqW61hJnl Linux Playlist: https://www.youtube.com/watch?v=k4lOQZw5vbw&list=PL03nA5zQQWtR9nn6uUIgvyGlkK0sWyWnJ ---------------------------------------------------------------------------------------------- Linux Privilege Escalation: https://www.youtube.com/watch?v=lcOLf08MXU0&list=PL03nA5zQQWtRJigvSH5FxxETZRPFKnVF8 HackTheBox: https://www.youtube.com/watch?v=3k8xzRtjo_U&list=PL03nA5zQQWtQCkUFz4ZupTaKba59QD_jD| OWASP: https://www.youtube.com/watch?v=81M8k5bTF0g&list=PL03nA5zQQWtT9JzGQ-EPQSsGcbYaI7E_y BOF: https://www.youtube.com/watch?v=XXnG8Z3MIIw&list=PL03nA5zQQWtTa6Di-qSsyvNDhpRmZ171t BurpSuite: https://www.youtube.com/watch?v=vjcG6xJrX9I&list=PL03nA5zQQWtSS3ZCK5QrlyteLqaAfYcB3 Nmap: https://www.youtube.com/watch?v=tC_teBtUcvk&list=PL03nA5zQQWtSeCE4lhVaZ2uZSUojhMsiO Follow me on -------------------------------------------------------- Facebook Profile:- https://www.facebook.com/Cyber.Blackh0le FB Group:- https://www.facebook.com/groups/CyberBlackholeGroup/ FB page: https://business.facebook.com/CyberBlackholePage/ Telegram Group: https://t.me/CyberBlackhole_Group Telegram Channel: https://t.me/CyberBlackhole_Channel Discord: https://discord.gg/ahWun5P Twitter: https://twitter.com/cyberblackhole Instagram: https://www.instagram.com/Cyberblackhole/ Please like, share and subscribe for more content Disclaimer: All video's and tutorials are for informational and educational purposes only. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking every time this word is used.