While looking at Jaimie Sirovich’s site, I “found” an interesting link to an XSS vulnerability scanner he’s building. I don’t think it’s public yet, and I don’t know exactly how it works but it appears to only work in Internet Explorer at the moment and only checks form submissions as possible injection points. Still, pretty interesting. For instance, if you input:
You end up seeing, “UH OH; pontentially viable injection on: http://www.internic.net/whois.html; form 1″ pointing to the actual injection point. Pretty cool! It’s probably a hell of a liability to have a scanner on your site, so I don’t know how long this will be there, but it’s still interesting for some lightweight pen-testing.