The Official WEB-200 Syllabus covers a broad spectrum of modern web attack vectors:
SSTI is a critical risk (CWE-94) that allows attackers to execute code on the server. The PDF provides a decision tree to identify template engines (Jinja2, Twig, Freemarker, etc.) and then demonstrates how to move from template injection to a reverse shell. web-200 offensive security pdf