Here is a XSS Scanner sample report:
Powered by OWASP ZAP, this scanner helps you test if the target web application is affected by Cross-Site Scripting vulnerabilities.
Speed-up your penetration test with this online scanner. It is already set-up and cofigured with the optimal settings for best results and performance. Just start the scan and come back later for results.
You can perform a self-security assessment in order to detect weaknesses in your own application. This will allow you to fix the vulnerabilities before being hit by real attackers.
If you are a web development company, you can also show this report to your clients and prove that you have implemented the proper security measures in the application.
|Scanner capabilities||Light scan||Full scan|
|Spider max URLs||20||500|
|Spider max duration||1 minute||15 minutes|
|Active scan max duration||2 minutes||30 minutes|
The XSS scanner generates HTTP requests which can be flagged as attacks on the server side (although they are harmless). Do not use it if you don't have proper authorization from the target website owner.
|Target URL||This is the URL of the website that will be scanned. All URLs must start with http or https.|
|Light Scan||This scan is faster but less comprehensive than the full scan.|
|Full Scan||This is a complete Cross-Site Scripting assessment of the target web application.|