web application security lab

XSS Vulnerability Scanner

While looking at Jaimie Sirovich’s site, I “found” an interesting link to an XSS vulnerability scanner he’s building. I don’t think it’s public yet, and I don’t know exactly how it works, but it appears to only work in Internet Explorer at the moment and only checks form submissions as possible injection points. Still, pretty interesting. For instance, if you input:

http://www.internic.net/whois.html

You end up seeing, “UH OH; pontentially viable injection on: http://www.internic.net/whois.html; form 1” pointing to the actual injection point. Pretty cool! It’s probably a hell of a liability to have a scanner on your site, so I don’t know how long this will be there, but it’s still interesting for some lightweight pen-testing.

6 Responses to “XSS Vulnerability Scanner”

  1. Dude Says:

    Um… It keeps saying that my code is invalid. I have tried 20 times.

  2. Matt Says:

    Sounds like a great thing to have for your own site, but if you’ve got the option to check other sites outside of your domain, then any site (i.e. PayPal) can be checked and then exploited!! Good idea in theory, but maybe not so good in practice.

  3. RSnake Says:

    Dude, try in Internet Explorer, I haven’t been able to get it working in Firefox myself… not sure what the problem is nor do I really care to investigate, but switching to Internet Explorer seemed to do the trick.

  4. otsego Says:

    It worked fine in Firefox 1.5.0.6 for me.

  5. Dude Says:

    Ah, thank you. It works perfectly in Internet Explorer. :)

    Now I will post more at this website.

  6. d3hydr8 Says:

    I have made my own in Python; it used HTTP response and “source” searching to determine if it’s a potential XSS. Let me know what you think.

    http://darkcode.ath.cx/scanners/XSSscan.py