Skills
.Work. You
Rest

xxe

Community

Detect and exploit XML External Entity vulnerabilities.

Software Engineering#vulnerability#security testing#data exfiltration#ssrf#xxe#xml injection
AuthorSnailSploit
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps identify and exploit XML External Entity (XXE) vulnerabilities, a common security flaw that can lead to data disclosure, server-side request forgery, and even remote code execution.

Core Features & Use Cases

  • XXE Detection: Identifies potential XXE injection points in XML parsers.
  • Exploitation Techniques: Provides methods for classic XXE, blind XXE (out-of-band), and XXE via file uploads (SVG, DOCX).
  • Use Case: When testing a web application that accepts XML input, use this Skill to systematically probe for and exploit XXE vulnerabilities to access sensitive files or internal network resources.

Quick Start

Use the xxe skill to test for XXE vulnerabilities by attempting to read the '/etc/passwd' file.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: xxe
Download link: https://github.com/SnailSploit/Claude-Red/archive/main.zip#xxe

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.