hunt-xxe


Crown Jewel Targets

XXE is a critical-severity vulnerability that consistently pays at the top of bug bounty scales ($5,000–$30,000+) due to its direct path to sensitive data exfiltration and SSRF. Highest-value targets:

  • Large enterprise platforms with XML-heavy backend integrations (finance, logistics, ride-sharing APIs)
  • Domains with file-read capability: /etc/passwd, /etc/shadow, internal config files, AWS metadata endpoints
  • Subdomains sharing backend infrastructure — one XXE endpoint can pivot to internal services across dozens of domains (as demonstrated by 26+ Uber domains via a single entry point)
  • API gateways accepting XML content types — especially REST APIs that silently accept Content-Type: application/xml
  • File upload features — SVG, DOCX, XLSX, PDF, PPTX parsers on the server side
  • SAML/SSO endpoints — SAML assertions are XML-based and frequently vulnerable
  • Office/document processing services — any feature that converts or processes user-supplied documents

Attack Surface Signals

Installs: 33 | GitHub Stars: 2.6K | First Seen: May 24, 2026
Source: elementalsouls/claude-bughunter