XSS Radar: detects parameters and fuzzes them to find XSS vulnerabilities
How do I install it?
At present, we’re only supporting the widely used Google Chrome. We hope to support Firefox in the future.
How do I use it?
Visit a target page, open the extension and select Fuzz!
Contexts and tests
We’ve developed contexts – and their respective tests – in a fully modular fashion. By doing so, we’ve made it easy to contribute new methodologies to Radar’s Scanner module.
Contexts are found in
extension/src/payloads/). Upon fuzzing, the Scanner searches for applicable contexts on the target and deploys the right payloads. For instance, link-based XSS bugs often rely on injection within the href attribute, so we’ve added a context which specifically matches against these:
Tests are found within the
We’ve integrated the following reflected payload classes. These can be found in extension/src/payloads.
- AngularJS template injection
  - All versions with a vulnerable Expression Sandbox are supported
- Link-based URIs
- Script injections
- Generic tag strings
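
The context matching described above (an href-specific context, plus the classes in this list) can be illustrated from the defensive side. The following is an added example, not XSS Radar's code: it reports which of these contexts a harmless marker string is reflected into, and the output handling each one calls for. MARKER, SAMPLE_PAGE, FIX and classifyReflections are hypothetical names, and the regex-based tag scan is a simplification of a real HTML parser.

```javascript
// Added example; every name here is hypothetical, not XSS Radar's API.
const MARKER = 'zq7reflect'; // constructed, harmless probe string
const FIX = {
  'link-uri': 'allowlist the URL scheme, then attribute-encode',
  'attribute': 'attribute-encode inside a quoted attribute',
  'script': 'serialise as JSON / JavaScript-string-encode',
  'html-text': 'HTML-entity-encode',
  'angular-template': 'keep user input out of the template scope (ng-non-bindable)',
};
const SCRIPT_RE = /(<script\b[^>]*>)([\s\S]*?)<\/script\s*>/gi;
const TAG_RE = /<[a-z](?:"[^"]*"|'[^']*'|[^'">])*>/gi;
const ATTR_RE = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+)))?/g;

function classifyReflections(html, marker = MARKER) {
  const found = new Set();
  let angular = false;
  // Script bodies first, so their content is not mistaken for markup.
  // The opening tag is kept so its attributes are still inspected below.
  let rest = html.replace(SCRIPT_RE, (_, open, body) => {
    if (body.includes(marker)) found.add('script');
    return open;
  });
  // Then every opening tag: inspect each attribute value.
  rest = rest.replace(TAG_RE, (tag) => {
    const attrs = tag.slice(1, -1).replace(/^\S+/, ''); // drop the tag name
    for (const [, name, dq, sq, bare] of attrs.matchAll(ATTR_RE)) {
      const value = dq ?? sq ?? bare ?? '';
      if (/^(data-)?ng-app$/i.test(name)) angular = true;
      if (!value.includes(marker)) continue;
      found.add(/^(href|src)$/i.test(name) ? 'link-uri' : 'attribute');
    }
    return '';
  });
  // Whatever is left is text content; under ng-app it is also template input.
  if (rest.includes(marker)) {
    found.add('html-text');
    if (angular) found.add('angular-template');
  }
  return [...found].sort().map((context) => ({ context, fix: FIX[context] }));
}

// Constructed sample response reflecting the marker in several contexts.
const SAMPLE_PAGE = [
  '<html ng-app="demo"><body><a href="/go?u=zq7reflect">next</a>',
  '<p>Results for zq7reflect</p>',
  '<script>var q = "zq7reflect";</script></body></html>',
].join('\n');
console.log(classifyReflections(SAMPLE_PAGE));
```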