xss-testing

Automated security skill for identifying and validating XSS vulnerabilities, including Reflected, Stored, and DOM-based attacks across various contexts.

Introduction

The xss-testing skill provides an autonomous, agent-driven approach to detecting Cross-Site Scripting (XSS) vulnerabilities within web applications. Designed for security engineers and developers performing DAST (Dynamic Application Security Testing), this skill identifies injection points in URL parameters, POST bodies, HTTP headers, and cookies. It validates susceptibility to common XSS variants including Reflected (CWE-79), Stored (CWE-79), and DOM-based (Type 0) vulnerabilities, while also addressing specific edge cases such as Error Message XSS (CWE-81), Attribute Context XSS (CWE-83), and URI Scheme XSS (CWE-84). By simulating browser-based execution and analyzing HTTP response content for unencoded script tags or dangerous DOM sinks like innerHTML and eval, it provides empirical evidence of security flaws.

  • Performs multi-vector XSS testing, including HTML body, attribute contexts, JavaScript string escaping, and CSS value injection.

  • Supports advanced filter bypass testing for Doubled Character (CWE-85), Invalid Character (CWE-86), and Alternate Syntax (CWE-87) XSS.

  • Provides contextual validation for various sinks, checking for unencoded reflection, script execution indicators, and DOM manipulation.

  • Integrates seamlessly into automated security pipelines for continuous vulnerability assessment of web applications.

  • Capable of identifying both reflected non-persistent attacks and persistent stored attacks retrieved from backend storage.

  • Prerequisite: Requires a reachable target application and identified input vectors such as form fields or URL parameters.

  • Testing Methodology: Follows a structured sequence of identifying injection points, determining context (HTML vs. JS vs. URL), establishing a baseline, and executing payload testing.

  • Safety: Designed for use in non-production, sandbox, or development environments to prevent unauthorized script execution on live user sessions.

  • Output: Generates actionable findings, classifying vulnerabilities by status and providing evidentiary HTTP traces for further investigation.

  • Best Practice: Use in conjunction with other SecureVibes DAST skills to ensure comprehensive coverage of OWASP Top 10 vulnerabilities.

Repository Stats

Stars: 268
Forks: 62
Open Issues: 2
Language: Python
Default Branch: main
Sync Status: Idle
Last Synced: May 3, 2026, 04:06 PM