Public
Like
XSSAgent
Val Town is a collaborative website to build and scale JavaScript apps.
Deploy APIs, crons, & store data – all from the browser, and deployed in milliseconds.
Viewing readonly version of main branch: v1View latest version
An intelligent XSS vulnerability testing tool that combines AI-powered analysis with automated payload generation.
- Web Interface: Simple frontend for entering target URLs
- AI-Powered Analysis: Uses Novita AI (GPT-OSS-20B) for intelligent XSS detection and analysis
- Dynamic Payload Generation: Integrates with MCP service for XSS payload generation
- Real-time Testing: Automated testing of XSS vulnerabilities with detailed reporting
├── backend/
│ ├── index.ts # Main Hono server
│ ├── routes/
│ │ ├── xss.ts # XSS testing endpoints
│ │ └── static.ts # Static file serving
│ └── services/
│ ├── novita.ts # Novita AI integration
│ └── mcp.ts # MCP service integration
├── frontend/
│ ├── index.html # Main UI
│ ├── index.tsx # React frontend
│ └── components/
│ ├── App.tsx # Main app component
│ ├── UrlInput.tsx # URL input form
│ └── Results.tsx # Test results display
└── shared/
└── types.ts # Shared TypeScript types
NOVITA_API_KEY: Your Novita AI API key
- Enter a target URL in the web interface
- The system will:
- Fetch XSS payloads from the MCP service
- Use Novita AI to analyze the target and generate testing strategies
- Execute XSS tests and provide detailed results
- Generate recommendations for remediation
This tool is for authorized security testing only. Only test websites you own or have explicit permission to test.