From 52daa1d8205c42e1962ae937437b86078a68ede3 Mon Sep 17 00:00:00 2001
From: brumens <68474266+Brum3ns@users.noreply.github.com>
Date: Wed, 3 Dec 2025 13:58:27 +0100
Subject: [PATCH] Updated SSTI Reference

---
 Server Side Template Injection/README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md
index f7a79f5..9e0f1ca 100644
--- a/Server Side Template Injection/README.md	
+++ b/Server Side Template Injection/README.md	
@@ -95,3 +95,4 @@ Once the template engine is identified, the attacker injects more complex expres
 - [Gaining Shell using Server Side Template Injection (SSTI) - David Valles - August 22, 2018](https://medium.com/@david.valles/gaining-shell-using-server-side-template-injection-ssti-81e29bb8e0f9)
 - [Template Engines Injection 101 - Mahmoud M. Awali - November 1, 2024](https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756)
 - [Template Injection On Hardened Targets - Lucas 'BitK' Philippe - September 28, 2022](https://youtu.be/M0b_KA0OMFw)
+- [Limitations are just an illusion – advanced server-side template exploitation with RCE everywhere - YesWeHack, Brumens - March 24, 2025](https://www.yeswehack.com/learn-bug-bounty/server-side-template-injection-exploitation)
\ No newline at end of file