Find projects with XSS issues

The find_xss.rb cycles through all recent projects to locate those that have XSS issues in them.

The meat of the script is the following loop:

recent_projects.each do |project|
  with_scope(project) do
    issue_library = Node.issue_library
    Issue.where(node_id: issue_library.id).each do |issue|
      if issue.title =~ /XSS/i
        puts "* Project #{project.name} has '#{issue.title}'"
        break
      end
    end
  end
end

We cycle through each of the recent projects. For each of them we gather all the issues with the following line:

Issue.where(node_id: issue_library.id)

And match each Issue's #title with the /XSS/ regular expression.

Streamline InfoSec Project Delivery

Learn practical tips to reduce the overhead that drags down security assessment delivery with this 5-day course. These proven, innovative, and straightforward techniques will optimize all areas of your next engagement including:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.