# Symfony && Twig

* <https://github.com/epinna/tplmap>

Usage example:

{% code title="tplmap example" %}

```bash
./tplmap.py -u 'http://www.target.com/page?name=John'
```

{% endcode %}

* <https://github.com/ambionics/symfony-exploits>

## Symfony

Check for `www.example.com/_profiler/` — it may contain errors and server variables.

### Symfony debug looter

* <https://github.com/synacktiv/eos/>

## Twig

* <https://medium.com/server-side-template-injection/server-side-template-injection-faf88d0c7f34>