Public
Like
XSSAgent
Val Town is a collaborative website to build and scale JavaScript apps.
Deploy APIs, crons, & store data β all from the browser, and deployed in milliseconds.
Viewing readonly version of main branch: v17View latest version
An intelligent XSS vulnerability testing tool that combines AI-powered analysis with automated payload generation.
- Web Interface: Simple frontend for entering target URLs
- AI-Powered Analysis: Uses Novita AI (GPT-OSS-20B) for intelligent XSS detection and analysis
- Dynamic Payload Generation: Integrates with MCP service for XSS payload generation
- Real-time Testing: Automated testing of XSS vulnerabilities with detailed reporting
βββ backend/
β βββ index.ts # Main Hono server
β βββ routes/
β β βββ xss.ts # XSS testing endpoints
β β βββ static.ts # Static file serving
β βββ services/
β βββ novita.ts # Novita AI integration
β βββ mcp.ts # MCP service integration
βββ frontend/
β βββ index.html # Main UI
β βββ index.tsx # React frontend
β βββ components/
β βββ App.tsx # Main app component
β βββ UrlInput.tsx # URL input form
β βββ Results.tsx # Test results display
βββ shared/
βββ types.ts # Shared TypeScript types
NOVITA_API_KEY: Your Novita AI API keyMCP_API_KEY: Your MCP service API key for accessing XSS payloads
- Enter a target URL in the web interface
- The system will:
- Fetch XSS payloads from the MCP service
- Use Novita AI to analyze the target and generate testing strategies
- Execute XSS tests and provide detailed results
- Generate recommendations for remediation
This tool is for authorized security testing only. Only test websites you own or have explicit permission to test.