Merge pull request #109 from meitar/tplmap

Add tplmap, an automated SSTI exploitation tool in the style of SQLmap
This commit is contained in:
Samar Dhwoj Acharya 2017-02-22 14:54:45 -06:00 committed by GitHub
commit 23cb58e320

View File

@ -184,6 +184,7 @@ A collection of awesome penetration testing resources
#### Web exploitation
* [WPScan](https://wpscan.org/) - Black box WordPress vulnerability scanner
* [SQLmap](http://sqlmap.org/) - Automatic SQL injection and database takeover tool
* [tplmap](https://github.com/epinna/tplmap) - Automatic server-side template injection and Web server takeover tool
* [weevely3](https://github.com/epinna/weevely3) - Weaponized web shell
* [Wappalyzer](https://wappalyzer.com/) - Wappalyzer uncovers the technologies used on websites
* [cms-explorer](https://code.google.com/archive/p/cms-explorer/) - CMS Explorer is designed to reveal the the specific modules, plugins, components and themes that various CMS driven web sites are running.