ssti-detect

Community

Identify and exploit Server-Side Template Injection vulnerabilities.

AuthorChid0k
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps in detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities in web applications, enabling penetration testers and bug bounty hunters to uncover potential security flaws.

Core Features & Use Cases

  • SSTI Detection: Identifies user input embedded in templates that can lead to remote code execution.
  • Template Engine Identification: Determines the specific template engine used in the application.
  • Exploitation Techniques: Provides methodologies to exploit identified SSTI vulnerabilities for remote code execution.
  • Use Case: A pentester uses this Skill on a web application to detect SSTI vulnerabilities in its template engines, such as Jinja2, Twig, and others, and to attempt to exploit them for code execution.

Quick Start

Use the ssti-detect skill to detect SSTI vulnerabilities in the provided web application.

Dependency Matrix

Required Modules

burpburp Collaborator

Components

scriptsreferencesassets

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: ssti-detect
Download link: https://github.com/Chid0k/claude-marketplace/archive/main.zip#ssti-detect

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.