Symfony && Twig

• https://github.com/epinna/tplmap

Usage example:

tplmap example

./tplmap.py -u 'http://www.target.com/page?name=John'

• https://github.com/ambionics/symfony-exploits

Symfony

Check for www.example.com/_profiler/ — it may contain errors and server variables.

Symfony debug looter

• https://github.com/synacktiv/eos/

Twig

• https://medium.com/server-side-template-injection/server-side-template-injection-faf88d0c7f34