SSTImap

A Python tool that automates testing for and exploiting server-side template injection (SSTI) vulnerabilities on targets. It can help identify the template engine in use and can also exploit it.

Example usage:

python3 sstimap.py -X POST -u "http://sstivulnerablewebsite.com" -d "page="

Here, page= is the name of the input field to be tested for SSTI.
