From db1357bb3c6a7b727efd93306a7494348acf6e6f Mon Sep 17 00:00:00 2001
From: Maximilian Hildebrand <github@m10x.de>
Date: Sun, 3 Dec 2023 13:15:47 +0100
Subject: [PATCH] Added TInjA and the Template Injection Table

Both are novel tools to help Pentesters / Bug bounty hunters to detect template injections
---
 Server Side Template Injection/README.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md
index 36af692..a3c6acb 100644
--- a/Server Side Template Injection/README.md	
+++ b/Server Side Template Injection/README.md	
@@ -86,6 +86,15 @@
 
 Recommended tools: 
 
+[TInjA](https://github.com/Hackmanit/TInjA) - An effiecient SSTI + CSTI scanner which utilizes novel polyglots
+
+e.g:
+
+```bash
+tinja url -u "http://example.com/?name=Kirlia" -H "Authentication: Bearer ey..."
+tinja url -u "http://example.com/" -d "username=Kirlia"  -c "PHPSESSID=ABC123..."
+```
+
 [Tplmap](https://github.com/epinna/tplmap) - Server-Side Template Injection and Code Injection Detection and Exploitation Tool
 
 e.g:
@@ -119,6 +128,8 @@ In most cases, this polyglot payload will trigger an error in presence of a SSTI
 ${{<%[%'"}}%\.
 ```
 
+The [Template Injection Table](https://github.com/Hackmanit/template-injection-table) is an interactive table containing the most efficient template injection polyglots along with the expected responses of the 44 most important template engines.
+
 ## ASP.NET Razor
 
 [Official website](https://docs.microsoft.com/en-us/aspnet/web-pages/overview/getting-started/introducing-razor-syntax-c)