ssti-detect
CommunityIdentify and exploit Server-Side Template Injection vulnerabilities.
Software Engineering#penetration testing#web application security#ssti#template injection#remote code execution
AuthorChid0k
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps in detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities in web applications, enabling penetration testers and bug bounty hunters to uncover potential security flaws.
Core Features & Use Cases
- SSTI Detection: Identifies user input embedded in templates that can lead to remote code execution.
- Template Engine Identification: Determines the specific template engine used in the application.
- Exploitation Techniques: Provides methodologies to exploit identified SSTI vulnerabilities for remote code execution.
- Use Case: A pentester uses this Skill on a web application to detect SSTI vulnerabilities in its template engines, such as Jinja2, Twig, and others, and to attempt to exploit them for code execution.
Quick Start
Use the ssti-detect skill to detect SSTI vulnerabilities in the provided web application.
Dependency Matrix
Required Modules
burpburp Collaborator
Components
scriptsreferencesassets
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: ssti-detect Download link: https://github.com/Chid0k/claude-marketplace/archive/main.zip#ssti-detect Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.