bb_ssti
Detect Server-Side Template Injection (SSTI) vulnerabilities in web applications supporting Jinja2, Twig, FreeMarker, Velocity, ERB, and Smarty. Input URL and optional parameters to scan for template injection flaws.
Instructions
SSTI 模板注入检测 — Jinja2/Twig/FreeMarker/Velocity/ERB/Smarty
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| url | Yes | ||
| proxy | No | ||
| cookie | No | ||
| params | No | ||
| timeout | No | ||
| auth_token | No |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |