Springenwerk Security Scanner

This is a free XSS scanner available on web. With a few enhancements, this could make a quick scan of your applications possible. This type of scanner is useful for manual pen-testers when they have to try out loads of injection variations. Such a task is tedious to do manually and on each field in the application. This tool generates a report in a nice format.

Following are the features listed on the tool's home page.

• Finds the most common XSS vulnerabilites
• Extracts forms and input elements from given webpages and checks them for vulnerabilites
• Follows the form action targets (1 level)
• Can check custom HTTP GET and POST data arguments
• Can use Springenwerk, Firefox or IE in the requests' user agent string
• Optionally generates an HTML report file with exploits to demonstrate the vulnerabilites
• Comes with an easy to use GUI
• Platform independent, written in Python
• No installation and no super user privileges necessary
• FREE!