Hunt server-side template injection
hunt-sstiskillsetup L1★1,791
elementalsouls/Claude-BugHunter ↗What it does
Hunt ssti vulnerabilities
Best for
Discovering ssti vulnerabilities when generic scanners miss domain-specific chains.
Outputs
- · back as HTML), the same `{{7*7}}` reflection often still yields stored XSS
- · Audit/compliance report (structured)
- · Extracted source code or structured data
Requires
- · HTTP client (curl/requests)
- · Python runtime
Preconditions
Target endpoint reachable; access to HTTP inspection tools
Failure modes
- · Default failure mode applicable