ssti-server-side-template-injection

Community

Fingerprint and exploit SSTI quickly and safely.

Author: lNwNl
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

These SSTI detection and exploitation guides help you determine whether attacker-controlled input is evaluated by a server-side template engine, then systematically map the identified engine type to high-signal confirmation and follow-up checks.

Core Features & Use Cases

  • Polyglot SSTI Fingerprinting: Use math and parsing probes to differentiate template engines (Jinja2, Twig, FreeMarker, Velocity, ERB, Thymeleaf, Smarty, Pug/Jade, and more) and separate SSTI from XSS/EL.
  • Engine-Specific Payload Strategy: Apply RCE-oriented and disclosure-oriented chains per engine family, including sandbox-bypass patterns (e.g., MRO traversal for Jinja2).
  • Blind SSTI Confirmation: Validate evaluation when output is not reflected using timing, boolean, and out-of-band (DNS/HTTP) techniques, plus error-based fingerprinting.

Quick Start

Use the SSTI polyglot probe sequence in SKILL.md to confirm server-side evaluation, identify the template engine, and then choose the corresponding engine payload section for validation.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: ssti-server-side-template-injection
Download link: https://github.com/lNwNl/Methodos/archive/main.zip#ssti-server-side-template-injection

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
