How to detect the response packet?

[chain312]

How to detect the existence of xss in the return package? For example, the test js package I sent is
</script>"><script>prompt(1)</script>,</script>">, if there is xss, there will be <script>prompt(1)</script> in the return package.
  If the test js is <script>alert(document.cookie)</script> , if there is xss, there will be cookie information in the return packet.
  I sent to the package is not the same, how to respond to the package js match? I think this way: I have to deal with the sent js first, first get the possible return packets and then return the matching packets. How did you make a match for the return package?

[NovaCygni]

I suppose ill add a selectable set of responses flags and handling in the upcoming updates....

[kattstof]

My personal version uses Xsstrike as a wrapper for xss testing, if the author of xsstrike gives permissiom i could add it to current branch?

[d4op]

@s0md3v

[s0md3v]

I have no motivation to work on XSStrike so I don't recommend integrating it anywhere but if you think it works fine for you, go ahead.

[d4op]

My personal version uses Xsstrike as a wrapper for xss testing, if the author of xsstrike gives permissiom i could add it to current branch?

so we have the permission to integrate xsstrike.