Merge pull request #698 from m10x/master

Added TInjA and the Template Injection Table
swisskyrepo · Dec 3, 2023 · 1c42bfe · 1c42bfe
2 parents 57703ed + db1357b
commit 1c42bfe
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md
@@ -86,6 +86,15 @@
 
 Recommended tools: 
 
+[TInjA](https://github.com/Hackmanit/TInjA) - An effiecient SSTI + CSTI scanner which utilizes novel polyglots
+
+e.g:
+
+```bash
+tinja url -u "http://example.com/?name=Kirlia" -H "Authentication: Bearer ey..."
+tinja url -u "http://example.com/" -d "username=Kirlia"  -c "PHPSESSID=ABC123..."
+```
+
 [Tplmap](https://github.com/epinna/tplmap) - Server-Side Template Injection and Code Injection Detection and Exploitation Tool
 
 e.g:
@@ -119,6 +128,8 @@ In most cases, this polyglot payload will trigger an error in presence of a SSTI
 ${{<%[%'"}}%\.
 ```
 
+The [Template Injection Table](https://github.com/Hackmanit/template-injection-table) is an interactive table containing the most efficient template injection polyglots along with the expected responses of the 44 most important template engines.
+
 ## ASP.NET Razor
 
 [Official website](https://docs.microsoft.com/en-us/aspnet/web-pages/overview/getting-started/introducing-razor-syntax-c)