onsecurity.io
Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-22.
| Date Added | Resource | Topic | Excerpt |
|---|---|---|---|
| 2026-04-22 | Pentesting PostgreSQL with SQL Injections | SQLi | Library for analyzing and exploiting SQL injection vulnerabilities specifically targeting PostgreSQL. It details bypass methods for web application firewalls, techniques for data exfiltration across various query clauses including SELECT, WHERE, FROM, and ORDER BY, and demonstrates how to exploit nested queries. The resource covers bypassing spaces, trailing data, and quotation marks using dollar quoting or the `CHR()` function, and utilizes time-based blind SQL injection with concatenation and conditional logic for data leakage. |
| 2026-04-16 | Method Confusion in Go SSTIs Lead to File Read and RCE | RCE | Library for researching Go Server-Side Template Injection (SSTI) vulnerabilities, focusing on method confusion within the `html/template` module. This library demonstrates how to achieve arbitrary file reads and Remote Code Execution (RCE) by leveraging exported methods of rendered objects, such as the `Secret` method for command execution or the `File` method from the `echo` framework for local file disclosure. |
| 2026-04-16 | Session Management Vulnerabilities: What Developers Get Wrong | AuthN | Reference detailing common session management vulnerabilities developers introduce, such as session fixation via URL-based tokens and session hijacking through network interception, XSS, or log exposure. It stresses the importance of cryptographically secure pseudorandom number generators for token entropy, unconditional token regeneration upon login, and browser-level cookie security attributes like `Secure`, `HttpOnly`, and `SameSite`. The reference also emphasizes the necessity of both idle and absolute session timeouts, adjusting durations based on risk levels, and recommends against extending primary session tokens for "remember me" functionality. |
| 2026-04-11 | Method Confusion in Go SSTIs Lead to RCE | SSTI | Library for Go Server-Side Template Injection (SSTI) research, detailing method confusion vulnerabilities in the `html/template` and `text/template` modules. It demonstrates how to achieve Remote Code Execution (RCE) and file read capabilities by calling exported methods with controlled parameters, offering a new avenue for exploitation beyond simple XSS. Specific examples include leveraging the `Person.Secret` method for command execution and the `echo.Context.File` method for local file reading. |
| 2026-04-10 | OnSecurity: Server Side Template Injection with Jinja2 | SSTI | Library detailing Server-Side Template Injection (SSTI) vulnerabilities within Jinja2, focusing on Python environments. It explains template rendering and abuses the Method Resolution Order (MRO) to execute arbitrary code, including techniques for bypassing filters that block common characters like periods and underscores. The resource also explores alternative payload delivery mechanisms using Jinja2's `{% %}` syntax for conditional statements, enabling blind SSTI exploitation and data exfiltration via HTTP. |