ENNAENNA

Tplmap

GPL-3.0

๐Ÿ•ธ Web Scanning ยท Python

Tplmap automates the detection and exploitation of Server-Side Template Injection (SSTI) vulnerabilities. It supports over 15 template engines including Jinja2, Mako, Twig, Smarty, Freemarker, Velocity, and Jade. When it identifies a vulnerable injection point, it can escalate to operating system command execution, file read/write, and reverse shell deployment. Tplmap handles blind injection scenarios through time-based techniques and supports various payload delivery mechanisms to bypass WAFs and filters.

4.2kstars
685forks
45issues
Updated 2y ago
+I use this
View on GitHub

Installation

$ git clone https://github.com/epinna/tplmap.git && cd tplmap && pip install -r requirements.txt

Use Cases

  • Detecting server-side template injection in web applications
  • Exploiting SSTI for remote code execution
  • Testing multiple template engines for injection flaws
  • Blind SSTI detection via time-based payloads

Tags

sstitemplate-injectionexploitationweb-securityrce

Details

Category
๐Ÿ•ธ Web Scanning
Language
Python
Repository
epinna/tplmap
License
GPL-3.0
Platforms
๐Ÿงlinux๐ŸŽmacos๐ŸชŸwindows

Links

GitHub Repository

github.com/epinna/tplmap

Releases

github.com/epinna/tplmap/releases

Issues

github.com/epinna/tplmap/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

sqlmap

Python

Automatic SQL injection and database takeover tool. Detects and exploits SQL injection flaws.

Compare Tplmap vs sqlmap

XSStrike

Python

Advanced XSS detection suite. Fuzzing engine, context analysis, and WAF detection/bypass capabilities.

Compare Tplmap vs XSStrike

Commix

Python

Automated OS command injection exploitation tool. Tests web apps for command injection vulnerabilities.

Compare Tplmap vs Commix

More in Web Scanning

httpx

Go

Fast multi-purpose HTTP toolkit. Probes for running HTTP servers with retries and fallbacks.

http-probetech-detectionprojectdiscovery

Nikto

Perl

Classic web server scanner. Tests for dangerous files, outdated server software, and version-specific problems.

web-serverclassiccgi-scan

Gobuster

Go

Directory/file, DNS, and vhost busting tool. Brute-forces URIs, DNS subdomains, virtual host names, and S3 buckets.

directory-brutedns-brutevhost

Feroxbuster

Rust

Fast, recursive content discovery tool written in Rust. Like gobuster on steroids with auto-recursion.

directory-bruterecursiverust

Burp Suite Community

Java

Web vulnerability scanner and proxy. Intercept, modify, and replay HTTP/S traffic for web app testing.

proxyweb-appinterceptor

ffuf

Go

Fast web fuzzer written in Go. Fuzz anything - URLs, headers, POST data - with blazing speed.

fuzzingdirectory-brutefast