Tplmap assists the exploitation of Code Injection and Server-Side Template Injection vulnerabilities with a number of sandbox escape techniques to get access to the underlying operating system.
The tool and its test suite are developed to research the SSTI vulnerability class and to be used as offensive security tool during web application penetration tests.
Directory Traversal (Path Traversal)
Possible File Upload
Remote Code Execution (RCE)
Vulnerable to OS command injection
Web-shell
Single URL (Manual)/SSTI
SSTI, Code Injection, New, Exploit
¶ DISCLAIMER:
This program is used for educational and ethical purposes only. I take no responsibility for any damages caused from using this program. By downloading and using this software, you agree that you take full responsibility for any damages and liability.