Merge pull request #301 from foulenzer/master

added template for xss params

generic-detections/top-15-xss.yaml

@@ -0,0 +1,23 @@
+# id contains the unique identifier for the template.
+id: top-15-xss
+
+info:
+  # Name is the name of the template
+  name: Top 15 XSS Check
+  # Author is the name of the author for the template
+  # Prams:- q, s, search, id, action, keyword, query, page, keywords, url, view, cat, p
+  author: foulenzer
+  # Severity is the severity for the template.
+  severity: medium
+  #  Description optionally describes the template.
+  description: Searches for reflected XSS in the server response via GET-requests.
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?q%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526s%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526search%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526id%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526action%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526keyword%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526query%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526page%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526keywords%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526url%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526view%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526cat%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526name%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526key%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526p%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E"
+    matchers:
+      - type: word
+        words:
+          - "<svg/onload=confirm('testing-xss')>"
+        part: body