XHUNTER: Tracking XSS on the Net (XHUNTER)
Start date: Nov 1, 2011, End date: Oct 31, 2014 PROJECT  FINISHED 

"Code-injection attacks through Cross-Site Scripting (XSS) in the web browser have observed a significant increase over the previous years. According to a September-2009 report published by the SANS Institute, attacks against web applications constitute more than 60% of the total attack attempts observed on the Internet. Web application vulnerabilities such as SQL injection and Cross-Site Scripting flaws in open-source as well as custom-built applications account for more than 80% of the vulnerabilities being discovered. In this project we propose the design and development of a prototype that can inspect passively the network for extracting URLs that can potentially exploit a web application, through XSS. The detector assumes that all URLs that contain parts that can produce a valid JavaScript syntax tree are considered suspicious. We will develop tools that identify text fragments of URLs, exchanged in the network, that produce a valid JavaScript syntax-tree of high depth. These URLs are considered as possible XSS exploitation attempts."
