Computer software applications, and particularly web applications, are often the target of malicious attacks. In one type of malicious attack known as stored cross-site scripting (“stored XSS”), an attacker provides a malicious payload as input to a web application which then stores the malicious payload, where a subsequent interaction with the web application results in the malicious payload causing unwanted or unauthorized actions to be performed. For example, a malicious payload may be in the form of JavaScript™ instructions included in a message that is provided by an attacker's computer as input to a web-based message board application, where the application then stores the message for later retrieval. The stored XSS attack succeeds when a client computer subsequently interacts with the application and receives the stored JavaScript™ instructions from the application, whereupon the JavaScript™ instructions are executed at the client computer, causing unwanted or unauthorized actions to be performed at or by the client computer.
Computer software applications are often tested during their development to determine whether they are vulnerable to such malicious attacks or otherwise show signs of security vulnerabilities. One such type of testing, known as “black-box” testing, involves executing an application, interacting with the application's interfaces, such as by using known forms of malicious attacks, and then searching for evidence that an interaction exposed a known type of vulnerability. Unfortunately, black-box testing tools have had only limited success determining whether applications are vulnerable to stored attacks.
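The following added example, which is not part of the original document, sketches the store-then-retrieve flow of the message board described above, with an unencoded rendering beside an output-encoded one, and a black-box style check that submits an inert marker in one step and looks for it in a later page. The `MessageBoard` class, the `stored_reflection_check` function and the `data-probe` marker are hypothetical names constructed for illustration.

```python
import html
import uuid


class MessageBoard:
    """Constructed in-memory stand-in for a web-based message board (assumption)."""

    def __init__(self, encode_output):
        self.encode_output = encode_output
        self.messages = []

    def post(self, text):
        # First interaction: the application stores the input as received.
        self.messages.append(text)

    def render(self):
        # Later interaction, possibly by a different client: stored messages
        # are written into the HTML page that the client receives.
        items = []
        for message in self.messages:
            body = html.escape(message) if self.encode_output else message
            items.append(f"<li>{body}</li>")
        return "<ul>" + "".join(items) + "</ul>"


def stored_reflection_check(board):
    """Submit an inert, unique marker, then fetch the page in a separate step.

    Returns "unencoded" if the marker's markup survives storage and retrieval
    intact (evidence of a stored XSS weakness), "encoded" if it comes back
    HTML-escaped, and "not found" if it does not appear at all.
    """
    token = uuid.uuid4().hex  # unique per run, so a hit can be tied to this input
    marker = f'<i data-probe="{token}"></i>'  # inert element, no script content
    board.post(marker)
    page = board.render()
    if marker in page:
        return "unencoded"
    if html.escape(marker) in page:
        return "encoded"
    return "not found"


if __name__ == "__main__":
    print(stored_reflection_check(MessageBoard(encode_output=False)))
    print(stored_reflection_check(MessageBoard(encode_output=True)))
```

In a real application the page that displays the stored input may differ from the one that accepted it, so the check has to correlate the unique token across separate requests rather than inspect the immediate response.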