├── .gitignore ├── README.md ├── burp-extender ├── .gitignore ├── bin │ └── burp │ │ └── build.xml └── src │ └── burp │ ├── BurpExtender.java │ ├── IBurpExtender.java │ ├── IBurpExtenderCallbacks.java │ ├── IContextMenuFactory.java │ ├── IContextMenuInvocation.java │ ├── ICookie.java │ ├── IExtensionHelpers.java │ ├── IExtensionStateListener.java │ ├── IHttpListener.java │ ├── IHttpRequestResponse.java │ ├── IHttpRequestResponsePersisted.java │ ├── IHttpRequestResponseWithMarkers.java │ ├── IHttpService.java │ ├── IInterceptedProxyMessage.java │ ├── IIntruderAttack.java │ ├── IIntruderPayloadGenerator.java │ ├── IIntruderPayloadGeneratorFactory.java │ ├── IIntruderPayloadProcessor.java │ ├── IMenuItemHandler.java │ ├── IMessageEditor.java │ ├── IMessageEditorController.java │ ├── IMessageEditorTab.java │ ├── IMessageEditorTabFactory.java │ ├── IParameter.java │ ├── IProxyListener.java │ ├── IRequestInfo.java │ ├── IResponseInfo.java │ ├── IScanIssue.java │ ├── IScanQueueItem.java │ ├── IScannerCheck.java │ ├── IScannerInsertionPoint.java │ ├── IScannerInsertionPointProvider.java │ ├── IScannerListener.java │ ├── IScopeChangeListener.java │ ├── ISessionHandlingAction.java │ ├── ITab.java │ ├── ITempFile.java │ ├── ITextEditor.java │ └── build.xml ├── examples ├── .DS_Store ├── basic-auth-test │ ├── .gitignore │ ├── Gemfile │ ├── Gemfile.lock │ ├── README.rdoc │ ├── Rakefile │ ├── app │ │ ├── assets │ │ │ ├── images │ │ │ │ └── .keep │ │ │ ├── javascripts │ │ │ │ └── application.js │ │ │ └── stylesheets │ │ │ │ └── application.css │ │ ├── controllers │ │ │ ├── application_controller.rb │ │ │ ├── application_controller.rb~ │ │ │ ├── concerns │ │ │ │ └── .keep │ │ │ ├── script_controller.rb │ │ │ ├── user_controller.rb │ │ │ └── user_controller.rb~ │ │ ├── helpers │ │ │ └── application_helper.rb │ │ ├── mailers │ │ │ └── .keep │ │ ├── models │ │ │ ├── .keep │ │ │ └── concerns │ │ │ │ └── .keep │ │ └── views │ │ │ ├── layouts │ │ │ └── application.html.erb │ │ │ ├── private │ │ │ └── _admin.html.erb │ │ │ └── user │ │ │ ├── show.html.erb │ │ │ └── show.html.erb~ │ ├── bin │ │ ├── bundle │ │ ├── rails │ │ └── rake │ ├── config.ru │ ├── config │ │ ├── application.rb │ │ ├── boot.rb │ │ ├── database.yml │ │ ├── environment.rb │ │ ├── environments │ │ │ ├── development.rb │ │ │ ├── production.rb │ │ │ └── test.rb │ │ ├── initializers │ │ │ ├── backtrace_silencers.rb │ │ │ ├── filter_parameter_logging.rb │ │ │ ├── inflections.rb │ │ │ ├── mime_types.rb │ │ │ ├── secret_token.rb │ │ │ ├── session_store.rb │ │ │ └── wrap_parameters.rb │ │ ├── locales │ │ │ └── en.yml │ │ └── routes.rb │ ├── db │ │ └── seeds.rb │ ├── lib │ │ ├── assets │ │ │ └── .keep │ │ └── tasks │ │ │ └── .keep │ ├── log │ │ └── .keep │ ├── public │ │ ├── 404.html │ │ ├── 422.html │ │ ├── 500.html │ │ ├── favicon.ico │ │ └── robots.txt │ ├── test │ │ ├── controllers │ │ │ └── .keep │ │ ├── fixtures │ │ │ └── .keep │ │ ├── helpers │ │ │ └── .keep │ │ ├── integration │ │ │ └── .keep │ │ ├── mailers │ │ │ └── .keep │ │ ├── models │ │ │ └── .keep │ │ └── test_helper.rb │ └── vendor │ │ └── assets │ │ ├── javascripts │ │ └── .keep │ │ └── stylesheets │ │ └── .keep ├── basic-xss.php ├── bypass-regex.php ├── dom-xss extensive tests │ ├── .DS_Store │ ├── README.md │ ├── README.txt │ ├── location.hash.htmlinject.dquot.html │ ├── location.hash.htmlinject.html │ ├── location.hash.htmlinject.squot.html │ ├── location.hash.jsinject.dquot.html │ ├── location.hash.jsinject.html │ ├── location.hash.jsinject.squot.html │ ├── location.pathname.htmlinject.dquot.php │ ├── location.pathname.htmlinject.php │ ├── location.pathname.htmlinject.squot.php │ ├── location.pathname.jsinject.dquot.php │ ├── location.pathname.jsinject.squot.php │ ├── location.search.htmlinject.dquot.html │ ├── location.search.htmlinject.html │ ├── location.search.htmlinject.squot.html │ ├── location.search.jsinject.dquot.html │ ├── location.search.jsinject.html │ ├── location.search.jsinject.squot.html │ └── test_results.csv ├── dom-xss.php ├── jquery-1.11.1.min.js ├── jscontext-xss.php └── resource-load.php ├── license.txt └── xss-detector └── xss.js /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/README.md -------------------------------------------------------------------------------- /burp-extender/.gitignore: -------------------------------------------------------------------------------- 1 | /bin 2 | *.jar 3 | .project 4 | .classpath 5 | .externalToolBuilders 6 | .settings 7 | -------------------------------------------------------------------------------- /burp-extender/bin/burp/build.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/bin/burp/build.xml -------------------------------------------------------------------------------- /burp-extender/src/burp/BurpExtender.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/BurpExtender.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IBurpExtender.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IBurpExtender.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IBurpExtenderCallbacks.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IBurpExtenderCallbacks.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IContextMenuFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IContextMenuFactory.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IContextMenuInvocation.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IContextMenuInvocation.java -------------------------------------------------------------------------------- /burp-extender/src/burp/ICookie.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/ICookie.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IExtensionHelpers.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IExtensionHelpers.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IExtensionStateListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IExtensionStateListener.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IHttpListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IHttpListener.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IHttpRequestResponse.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IHttpRequestResponse.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IHttpRequestResponsePersisted.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IHttpRequestResponsePersisted.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IHttpRequestResponseWithMarkers.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IHttpRequestResponseWithMarkers.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IHttpService.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IHttpService.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IInterceptedProxyMessage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IInterceptedProxyMessage.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IIntruderAttack.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IIntruderAttack.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IIntruderPayloadGenerator.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IIntruderPayloadGenerator.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IIntruderPayloadGeneratorFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IIntruderPayloadGeneratorFactory.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IIntruderPayloadProcessor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IIntruderPayloadProcessor.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IMenuItemHandler.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IMenuItemHandler.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IMessageEditor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IMessageEditor.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IMessageEditorController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IMessageEditorController.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IMessageEditorTab.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IMessageEditorTab.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IMessageEditorTabFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IMessageEditorTabFactory.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IParameter.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IParameter.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IProxyListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IProxyListener.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IRequestInfo.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IRequestInfo.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IResponseInfo.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IResponseInfo.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IScanIssue.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IScanIssue.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IScanQueueItem.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IScanQueueItem.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IScannerCheck.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IScannerCheck.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IScannerInsertionPoint.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IScannerInsertionPoint.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IScannerInsertionPointProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IScannerInsertionPointProvider.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IScannerListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IScannerListener.java -------------------------------------------------------------------------------- /burp-extender/src/burp/IScopeChangeListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/IScopeChangeListener.java -------------------------------------------------------------------------------- /burp-extender/src/burp/ISessionHandlingAction.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/ISessionHandlingAction.java -------------------------------------------------------------------------------- /burp-extender/src/burp/ITab.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/ITab.java -------------------------------------------------------------------------------- /burp-extender/src/burp/ITempFile.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/ITempFile.java -------------------------------------------------------------------------------- /burp-extender/src/burp/ITextEditor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/ITextEditor.java -------------------------------------------------------------------------------- /burp-extender/src/burp/build.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/burp-extender/src/burp/build.xml -------------------------------------------------------------------------------- /examples/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/.DS_Store -------------------------------------------------------------------------------- /examples/basic-auth-test/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/.gitignore -------------------------------------------------------------------------------- /examples/basic-auth-test/Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/Gemfile -------------------------------------------------------------------------------- /examples/basic-auth-test/Gemfile.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/Gemfile.lock -------------------------------------------------------------------------------- /examples/basic-auth-test/README.rdoc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/README.rdoc -------------------------------------------------------------------------------- /examples/basic-auth-test/Rakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/Rakefile -------------------------------------------------------------------------------- /examples/basic-auth-test/app/assets/images/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/app/assets/javascripts/application.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/app/assets/javascripts/application.js -------------------------------------------------------------------------------- /examples/basic-auth-test/app/assets/stylesheets/application.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/app/assets/stylesheets/application.css -------------------------------------------------------------------------------- /examples/basic-auth-test/app/controllers/application_controller.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/app/controllers/application_controller.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/app/controllers/application_controller.rb~: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/app/controllers/application_controller.rb~ -------------------------------------------------------------------------------- /examples/basic-auth-test/app/controllers/concerns/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/app/controllers/script_controller.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/app/controllers/script_controller.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/app/controllers/user_controller.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/app/controllers/user_controller.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/app/controllers/user_controller.rb~: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/app/controllers/user_controller.rb~ -------------------------------------------------------------------------------- /examples/basic-auth-test/app/helpers/application_helper.rb: -------------------------------------------------------------------------------- 1 | module ApplicationHelper 2 | end 3 | -------------------------------------------------------------------------------- /examples/basic-auth-test/app/mailers/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/app/models/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/app/models/concerns/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/app/views/layouts/application.html.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/app/views/layouts/application.html.erb -------------------------------------------------------------------------------- /examples/basic-auth-test/app/views/private/_admin.html.erb: -------------------------------------------------------------------------------- 1 | Admin -------------------------------------------------------------------------------- /examples/basic-auth-test/app/views/user/show.html.erb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/app/views/user/show.html.erb -------------------------------------------------------------------------------- /examples/basic-auth-test/app/views/user/show.html.erb~: -------------------------------------------------------------------------------- 1 | Hello world! 2 | <%= render :partial => "private/admin" %> -------------------------------------------------------------------------------- /examples/basic-auth-test/bin/bundle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/bin/bundle -------------------------------------------------------------------------------- /examples/basic-auth-test/bin/rails: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/bin/rails -------------------------------------------------------------------------------- /examples/basic-auth-test/bin/rake: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/bin/rake -------------------------------------------------------------------------------- /examples/basic-auth-test/config.ru: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config.ru -------------------------------------------------------------------------------- /examples/basic-auth-test/config/application.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/application.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/boot.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/boot.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/database.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/database.yml -------------------------------------------------------------------------------- /examples/basic-auth-test/config/environment.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/environment.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/environments/development.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/environments/development.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/environments/production.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/environments/production.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/environments/test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/environments/test.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/initializers/backtrace_silencers.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/initializers/backtrace_silencers.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/initializers/filter_parameter_logging.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/initializers/filter_parameter_logging.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/initializers/inflections.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/initializers/inflections.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/initializers/mime_types.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/initializers/mime_types.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/initializers/secret_token.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/initializers/secret_token.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/initializers/session_store.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/initializers/session_store.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/initializers/wrap_parameters.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/initializers/wrap_parameters.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/config/locales/en.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/locales/en.yml -------------------------------------------------------------------------------- /examples/basic-auth-test/config/routes.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/config/routes.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/db/seeds.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/db/seeds.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/lib/assets/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/lib/tasks/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/log/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/public/404.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/public/404.html -------------------------------------------------------------------------------- /examples/basic-auth-test/public/422.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/public/422.html -------------------------------------------------------------------------------- /examples/basic-auth-test/public/500.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/public/500.html -------------------------------------------------------------------------------- /examples/basic-auth-test/public/favicon.ico: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/public/robots.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/public/robots.txt -------------------------------------------------------------------------------- /examples/basic-auth-test/test/controllers/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/test/fixtures/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/test/helpers/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/test/integration/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/test/mailers/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/test/models/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/test/test_helper.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-auth-test/test/test_helper.rb -------------------------------------------------------------------------------- /examples/basic-auth-test/vendor/assets/javascripts/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-auth-test/vendor/assets/stylesheets/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /examples/basic-xss.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/basic-xss.php -------------------------------------------------------------------------------- /examples/bypass-regex.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/bypass-regex.php -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/.DS_Store -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/README.md -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/README.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/README.txt -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.hash.htmlinject.dquot.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.hash.htmlinject.dquot.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.hash.htmlinject.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.hash.htmlinject.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.hash.htmlinject.squot.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.hash.htmlinject.squot.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.hash.jsinject.dquot.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.hash.jsinject.dquot.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.hash.jsinject.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.hash.jsinject.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.hash.jsinject.squot.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.hash.jsinject.squot.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.pathname.htmlinject.dquot.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.pathname.htmlinject.dquot.php -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.pathname.htmlinject.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.pathname.htmlinject.php -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.pathname.htmlinject.squot.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.pathname.htmlinject.squot.php -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.pathname.jsinject.dquot.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.pathname.jsinject.dquot.php -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.pathname.jsinject.squot.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.pathname.jsinject.squot.php -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.search.htmlinject.dquot.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.search.htmlinject.dquot.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.search.htmlinject.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.search.htmlinject.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.search.htmlinject.squot.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.search.htmlinject.squot.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.search.jsinject.dquot.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.search.jsinject.dquot.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.search.jsinject.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.search.jsinject.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/location.search.jsinject.squot.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/location.search.jsinject.squot.html -------------------------------------------------------------------------------- /examples/dom-xss extensive tests/test_results.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss extensive tests/test_results.csv -------------------------------------------------------------------------------- /examples/dom-xss.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/dom-xss.php -------------------------------------------------------------------------------- /examples/jquery-1.11.1.min.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/jquery-1.11.1.min.js -------------------------------------------------------------------------------- /examples/jscontext-xss.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/jscontext-xss.php -------------------------------------------------------------------------------- /examples/resource-load.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/examples/resource-load.php -------------------------------------------------------------------------------- /license.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/license.txt -------------------------------------------------------------------------------- /xss-detector/xss.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/NetSPI/xssValidator/HEAD/xss-detector/xss.js --------------------------------------------------------------------------------