KNOXSS is an online XSS tool with demonstration of vulnerability (PoC – Proof of Concept). It’s still under development, being launched as beta. Currently it supports source and DOM based reflected XSS, although by chance a stored or a more complex DOM-based case may arise if there’s also a reflection in response.
Except for demo plan, it also drops (in certain cases) a XSS payload designed to send an email report to KNOXSS user with info about the environment where it was triggered (in scenarios where such vulnerability exists) hence also being able to find blind and stored XSS cases in this way.
