From 5e911f5cd928520e23fccad89252d86148bc600e Mon Sep 17 00:00:00 2001
From: Geeknik Labs <466878+geeknik@users.noreply.github.com>
Date: Mon, 2 Nov 2020 15:04:05 +0000
Subject: [PATCH 1/2] Update basic-xss-prober.yaml

Hoping to cut down on false positives by ignoring reflections from JSON API endpoints
---
generic-detections/basic-xss-prober.yaml | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/generic-detections/basic-xss-prober.yaml b/generic-detections/basic-xss-prober.yaml
index 2ae18665f3..ba957a1869 100644
--- a/generic-detections/basic-xss-prober.yaml
+++ b/generic-detections/basic-xss-prober.yaml
@@ -2,7 +2,7 @@ id: basic-xss-prober info: name: Basic XSS Prober - author: nadino + author: nadino & geeknik severity: low # Basic XSS prober
@@ -12,7 +12,13 @@ requests: - method: GET path: - "{{BaseURL}}/%61%27%22%3e%3c%69%6e%6a%65%63%74%61%62%6c%65%3e" + matchers-condition: and matchers: - type: word words: - "\">" + part: body + - type: word + words: + - "text/html" + part: header
From a32e2e75408a02c51f0f40ec079bad74a6349f1f Mon Sep 17 00:00:00 2001
From: bauthard <8293321+bauthard@users.noreply.github.com>
Date: Mon, 2 Nov 2020 20:55:36 +0530
Subject: [PATCH 2/2] Update basic-xss-prober.yaml
---
generic-detections/basic-xss-prober.yaml | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/generic-detections/basic-xss-prober.yaml b/generic-detections/basic-xss-prober.yaml
index ba957a1869..31894b20a8 100644
--- a/generic-detections/basic-xss-prober.yaml
+++ b/generic-detections/basic-xss-prober.yaml
@@ -18,7 +18,9 @@ requests: words: - "\">" part: body + - type: word words: - "text/html" + - "application/json" part: header + negative: true
\ No newline at end of file
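Review bot: In PATCH 1/2, hunk `@@ -12,7 +12,13 @@`, the body matcher still keys on the two-character word `">`, which occurs in almost any HTML document, so pairing it with the new `text/html` header check under `matchers-condition: and` will flag ordinary HTML pages whether or not the probe was reflected. The request path decodes to `a'"><injectable>`, so matching the whole marker, `- "\"><injectable>"`, would tie a hit to an unencoded reflection of the probe itself and remove most of the false positives this commit is after. The `requests:` key and the head of the template sit outside this hunk, so any other matchers defined there are not visible here.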
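Review bot: In PATCH 2/2, hunk `@@ -18,7 +18,9 @@`, swapping the positive `text/html` check for a negative match on `application/json` turns an allowlist into a one-entry denylist, so responses served as `text/plain`, `application/xml` or `application/javascript` still satisfy both matchers even though a browser would not render the reflection as markup. If the intent was to keep responses that send no Content-Type at all, extend the negative `words` list with those types; otherwise the positive `- "text/html"` matcher from the previous patch is the tighter filter. A one-line comment above the matcher, such as `# exclude non-HTML responses: a reflection there is not rendered as markup`, would record why it is negated. The file also now ends without a trailing newline, which is worth restoring.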