screamingCSS.pl
Vulnerablitity Detector

Summary
  This is a very quick, very simple detector to find the most basic of 
  Cross Site Scripting Vulnerablities in WebSites.  It's based on 
  screamingCobra. 
 
  It will try to go out and spider a site and see if the user inputs 
  come out on the page unfiltered.  It has already been used by me to 
  find problems with sites. 

Requirements

   Perl 5.
   wget

Download
   This program is no longer supported. Use at your own risk ! 
 
    screamingCSS1.02.tar.gz V1.02 7 KB
 
 
 
Background  

 CERT alerted to Cross Site Scripting over a year ago and gave 
  many specific recommendations on how to prevent such attacks.
 http://www.cert.org/advisories/CA-2000-02.html
 
 Public warning from me regarding some high traffic sites
 http://www.devitry.com/security.html