Public
Like
XSSAgent
Val Town is a collaborative website to build and scale JavaScript apps.
Deploy APIs, crons, & store data โ all from the browser, and deployed in milliseconds.
An intelligent XSS vulnerability testing tool that combines AI-powered analysis with automated payload generation.
- Web Interface: Simple frontend for entering target URLs
- AI-Powered Analysis: Uses Novita AI (GPT-OSS-20B) for intelligent XSS detection and analysis
- Dynamic Payload Generation: Integrates with MCP service for XSS payload generation
- Real-time Testing: Automated testing of XSS vulnerabilities with detailed reporting
โโโ backend/
โ โโโ index.ts # Main Hono server
โ โโโ routes/
โ โ โโโ xss.ts # XSS testing endpoints
โ โ โโโ static.ts # Static file serving
โ โโโ services/
โ โโโ novita.ts # Novita AI integration
โ โโโ mcp.ts # MCP service integration
โโโ frontend/
โ โโโ index.html # Main UI
โ โโโ index.tsx # React frontend
โ โโโ components/
โ โโโ App.tsx # Main app component
โ โโโ UrlInput.tsx # URL input form
โ โโโ Results.tsx # Test results display
โโโ shared/
โโโ types.ts # Shared TypeScript types
NOVITA_API_KEY: Your Novita AI API keyMCP_API_KEY: Your MCP service API key for accessing XSS payloads
- Enter a target URL in the web interface
- The system will:
- Fetch XSS payloads from the MCP service
- Use Novita AI to analyze the target and generate testing strategies
- Execute XSS tests and provide detailed results
- Generate recommendations for remediation
This tool is for authorized security testing only. Only test websites you own or have explicit permission to test.