Automation for XSS
STEPS
- Take a URL as input
- Crawl all the pages (GET and POST too)
- Look for the reflected parameters in the HTML response
- Then I will provide one payload.txt file which contains the payload list.
- Read payload.txt line by line and pass each payload to each URL endpoint, like http://abc.com?id=1* (replace * with the payload)
- If the provided payload is reflected in the response, then print that reflected form and show a message like "Vulnerable to XSS"
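
The last step is where false positives come from: a payload that comes back HTML-encoded is reflected but harmless. The following is an added example, not part of the original steps. It parses each response and reports a reflection only when the probe was turned into real markup. The probe tag, the function names, the query strings other than ?id=1 and the sample responses are all constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed, inert probe (a harmless custom tag); not an entry from payload.txt.
PROBE_TAG = "xss-probe-7f3a"
PROBE = f"<{PROBE_TAG}>"


class ProbeFinder(HTMLParser):
    """Records how the probe appears once the response is parsed as HTML."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.live = False    # probe was parsed as a real element
        self.inert = False   # probe appears only as text or an attribute value

    def handle_starttag(self, tag, attrs):
        if tag == PROBE_TAG:
            self.live = True
        elif any(PROBE in (value or "") for _, value in attrs):
            self.inert = True

    def handle_data(self, data):
        if PROBE in data:
            self.inert = True


def classify_reflection(body: str) -> str:
    """Return 'live', 'inert' or 'absent' for one response body."""
    finder = ProbeFinder()
    finder.feed(body)
    finder.close()
    if finder.live:
        return "live"
    return "inert" if finder.inert else "absent"


def report(responses: dict) -> list:
    """Return the URLs whose response turned the probe into markup."""
    return [url for url, body in responses.items()
            if classify_reflection(body) == "live"]


# Constructed responses standing in for crawled pages (no network access).
SAMPLE_RESPONSES = {
    "http://abc.com?id=1": "<p>Results for <xss-probe-7f3a></p>",
    "http://abc.com?q=1": "<p>Results for &lt;xss-probe-7f3a&gt;</p>",
    "http://abc.com?name=1": '<input value="&lt;xss-probe-7f3a&gt;">',
    "http://abc.com?page=1": "<p>No results</p>",
}
```

A reflection inside a script block is classified as inert by this check, because the parser treats script content as text; that context needs its own JavaScript-aware test.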