From eca0bd1b36d7114a54f21892e9679a73bd877e42 Mon Sep 17 00:00:00 2001
From: Alexandre ZANNI <16578570+noraj@users.noreply.github.com>
Date: Fri, 1 Nov 2024 22:20:50 +0100
Subject: [PATCH] SSTI: engine detection

---
 Server Side Template Injection/README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md
index f5c8baf..4071746 100644
--- a/Server Side Template Injection/README.md	
+++ b/Server Side Template Injection/README.md	
@@ -73,6 +73,7 @@ Based on the successful response, the attacker determines which template engine
 * **Java**: Freemarker, Jinjava, Velocity, ...
 * **Ruby**: ERB, Slim, ...
 
+[This post](https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756) summurize the syntax and detection method for most of the template engines for JavaScript, Python, Ruby, Java and PHP and how to differentiate between engines that use the same syntax.
 
 ### Escalate to Code Execution