tplmap v0.1c - Automatic Server-Side Template Injection Detection and Exploitation Tool.

tplmap v0.1c – Automatic Server-Side Template Injection Detection and Exploitation Tool.

Changelog 0.1c:
+ core: Fix HTTP verb setting –request
+ utils: Improve –data option with query string format
+ plugins: Adapt Velocity to new Plugin object
+ test: Rename channel teststplmap-v-1-0-c

Tplmap (short for Template Mapper) is a tool that automate the process of detecting and exploiting Server-Side Template Injection vulnerabilities (SSTI).tplmap
+ This can be used by developers, penetration testers, and security researchers to detect and exploit vulnerabilities related to the template injection attacks.
+ The technique can be used to compromise web servers’ internals and often obtain Remote Code Execution (RCE), turning every vulnerable application into a potential pivot point.

Supported template engines:template-enginesUsage:

Source: https://github.com/epinna | Our Post Before