Automated XSS scanner (not completed yet)
STEPS
- Provide input as a URL
- Provide login credentials (username and password)
- Look for the reflected parameter in the response, which is the candidate injection point for XSS
- Then I will provide one payload.txt file which contains the payload list.
- Read payload.txt line by line and pass each payload to each URL endpoint, e.g. http://abc.com?id=1* (replace * with the payload)
- If the provided payload is reflected in the response, print the reflected form and show a message like "Vulnerable to XSS"
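
A sketch of the last two steps (substituting `*` and checking the reflection), added here as an example and not the project's own code. It also separates a payload echoed unmodified from one echoed HTML-escaped, since only the former supports a "Vulnerable to XSS" message. The function names, the `fetch` callable and the two stand-in apps are assumptions made for illustration, and the payload lines are constructed samples.

```python
import html
from urllib.parse import quote, urlsplit, parse_qs

def build_url(template, payload):
    """Replace the * marker in the URL with the URL-encoded payload."""
    if "*" not in template:
        raise ValueError("URL has no * injection marker")
    return template.replace("*", quote(payload, safe=""))

def classify_reflection(body, payload):
    """'raw' = echoed unmodified, 'encoded' = echoed HTML-escaped, else 'absent'."""
    if payload in body:
        return "raw"
    if any(html.escape(payload, quote=q) in body for q in (True, False)):
        return "encoded"
    return "absent"

def scan(template, payload_lines, fetch):
    """Try each non-empty payload line; fetch(url) must return the response body."""
    results = []
    for line in payload_lines:
        payload = line.strip()
        if not payload:
            continue
        url = build_url(template, payload)
        results.append((payload, classify_reflection(fetch(url), payload)))
    return results

# Constructed stand-ins for a target, so the example runs offline.
def echo_raw(url):
    value = parse_qs(urlsplit(url).query)["id"][0]
    return f"<p>Result for {value}</p>"

def echo_escaped(url):
    value = parse_qs(urlsplit(url).query)["id"][0]
    return f"<p>Result for {html.escape(value)}</p>"

# Constructed sample of what payload.txt lines look like (including a blank line).
SAMPLE_PAYLOADS = ["<script>alert(1)</script>\n", "\n", '"><svg onload=alert(1)>\n']

if __name__ == "__main__":
    for name, app in (("raw", echo_raw), ("escaped", echo_escaped)):
        for payload, status in scan("http://abc.com?id=1*", SAMPLE_PAYLOADS, app):
            verdict = "Vulnerable to XSS" if status == "raw" else "reflected but escaped"
            print(f"[{name} app] {payload!r}: {status} -> {verdict}")
```

In a real run, `fetch` would be the authenticated HTTP request from the login step, and the lines would come from iterating over the open payload.txt file.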