Currently, cross-site scripting (XSS) detection tools and programs that check for XSS use signature (or "payload") based methods to determine whether such vulnerabilities exist in a page of a web application. That is, the tool takes a known signature/payload and uses it to probe for XSS. For example, <script>alert(10)</script> is a known test payload for XSS. Tools append, replace or commingle this signature/payload with a parameter of a URL or of a GET/POST request, as in:
http://vulnsite.com/vulnscript.php?vuln=<script>alert(10)</script>
If the signature/payload is returned in the response, the page source is then run through additional tests to determine whether the application is deemed vulnerable. The signature-based steps are:
Step 1: Find GET/POST URLs with parameters;
Step 2: Append, replace or commingle parameters with signatures/payloads;
Step 3: Make the website request;
Step 4: Run the returned source through browser rendering (e.g., with the Xenotix application) or analyze server response codes (e.g., with the wfuzz scanner) to determine whether the site is vulnerable; and
Step 5: Report findings.
A good example of this signature-based method is found in the OWASP Xenotix XSS Exploit Framework. The Xenotix project claims "to have the world's 2nd largest XSS Payloads of about 4800-plus distinctive XSS Payloads for effective XSS vulnerability detection."
A second example comes from the security company Edge Security, which develops and maintains wfuzz, an open source scanner that includes XSS checks. This tool also uses a signature/payload-based method of discovering XSS injections; in wfuzz the payload lists are called Injections.
However, there is a fundamental drawback to these conventional methods: if the exact payload string is not reflected unmodified in the response, the test fails to detect the vulnerability even though the vulnerability may nevertheless exist. A server-side filter that strips the literal <script> tag while still echoing the rest of the input unescaped, for instance, defeats every <script>-based payload in the list, yet remains exploitable through any event-handler attribute the filter does not know about.
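The following is an added illustration, not code from the patent or from Xenotix or wfuzz, of the five-step signature procedure above and of the drawback just described. The "servers" are two constructed local functions standing in for a vulnerable application and for the same application behind a naive <script>-stripping filter, so the example runs offline; the hostname vulnsite.com and the parameter name vuln are taken from the example URL, and Step 4 is reduced to the simplest reflection check rather than browser rendering.

```python
"""Toy signature-based XSS check modelled on Steps 1-5 (added example)."""
import re
from urllib.parse import parse_qsl, urlencode, urlparse, urlunparse

# Step 2 input: a tiny payload list (real tools ship thousands of entries).
PAYLOADS = [
    '<script>alert(10)</script>',
    '"><script>alert(10)</script>',
]


def inject(url, param, payload):
    """Step 2: replace the value of one query parameter with the payload."""
    parts = urlparse(url)
    params = [(k, payload if k == param else v)
              for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunparse(parts._replace(query=urlencode(params)))


def echo_server(url):
    """Constructed vulnerable app: reflects ?vuln= into the page unescaped."""
    q = dict(parse_qsl(urlparse(url).query, keep_blank_values=True))
    return f"<html><body>You searched for: {q.get('vuln', '')}</body></html>"


def filtering_server(url):
    """Constructed app with a naive blacklist: strips <script> tags but
    still reflects everything else unescaped. It is exploitable, yet an
    exact-string check never sees its payload come back intact."""
    q = dict(parse_qsl(urlparse(url).query, keep_blank_values=True))
    value = re.sub(r"(?i)</?script[^>]*>", "", q.get("vuln", ""))
    return f"<html><body>You searched for: {value}</body></html>"


def scan(url, fetch, payloads=PAYLOADS):
    """Steps 1-5: for each parameter, inject each payload, fetch the page,
    and report the (param, payload) pairs that are reflected verbatim.
    `fetch` is the request function (here one of the toy servers)."""
    findings = []
    params = [k for k, _ in parse_qsl(urlparse(url).query,
                                      keep_blank_values=True)]  # Step 1
    for param in params:
        for payload in payloads:
            test_url = inject(url, param, payload)               # Step 2
            body = fetch(test_url)                               # Step 3
            if payload in body:                                  # Step 4
                findings.append((param, payload))
    return findings                                              # Step 5


if __name__ == "__main__":
    target = "http://vulnsite.com/vulnscript.php?vuln=test"
    print(scan(target, echo_server))       # both payloads reflected
    print(scan(target, filtering_server))  # [] : a false negative
    # The filter only removed <script>; a payload outside the list survives:
    probe = "<img src=x onerror=alert(10)>"
    print(filtering_server(inject(target, "vuln", probe)))
```

Run against the echo server the scan reports both payloads; run against the filtering server it reports nothing, even though the last line shows an <img onerror> payload passing straight through to the page. That gap between "payload reflected verbatim" and "attacker-controlled markup reaches the browser" is exactly the limitation the paragraph above describes.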
What is needed and provided by the present invention are new and improved methods for testing applications for XSS vulnerabilities that are neither based on nor limited by a compendium of XSS signature payloads.