Vladislav Korchagin

I guess, the best solution would be to add two changes: 1) Add an option with a long name to allow `none` handling (similar to how `--no-preserve-root` prevents users from...

Actually, RFC considers the need to specifically add `none` algorithm to whitelist as a good enough measure against accidental usage, but adding a separate option will make it safer.

It seems like at this point it is already running. Have you tried opening http://127.0.0.1 in browser?

Handlebars is not supported by SSTImap yet, so it can cause incorrect detections. tpl-shell might work, if you write Handlebars code in it according to the detected context. I will...

As for POST requests, I have plans to add support for more formats, such as text/plain and application/json, as well as some processing scripts, including urlencode. As for Java EL,...

As for POST requests, should be possible in 1.2.0 using `text` data type Can you verify?

Your terminal does not support ANSI escape sequences, so instead of changing color it just prints some garbage. I will add support for removing color soon. For Windows, I would...

@alasalamont Why is your case false positive? SSTImap correctly identified the template injection as rendered `Freemarker` using another payload. It was unable to run OS commands, as it tried using...

@mrdragonblack the problem you described is most likely caused by blind detection with small delay. Increase the delay or disable blind detection

> I suggest add more some payload to test to double-check. Like in this case, the sysetm has no bash I will do something about that, making more payload variations...