Automated XSS scan of your Drupal website through Simpletest.
This project is based on SimpleTest library which is developed to execute unit and browser testing of PHP code. SimpleTest is a framework for enabling automated code checking and has a browser component available which can simulate users entering form data or retrieving certain URLs. Within Drupal there is a team focused on the development of this recent module. Anyway, based on the results presented in GHOP (http://code.google.com/p/google-highly-open-participation-drupal/issues/...) concerning penetration testing, I would add a vulnerability analysis test for Sql Injection and Cross Site Scripting.
This project is inspired by the scanner developed within Yahoo by Rasmus Lerdorf to detect the vulnerabilities in the web application, but that scanner is not open source.
Existing tools such as code-checker.php e Coder module's are based on the research of regular expressions within the code, but no tool exists to simulate such attacks to detect vulnerabilities.
How to use it
The module works from cron.php page. Tu run it, you have to activate security scanner and xss injector modules from modules page of your drupal installation. Then you have to backup your database. After doing so you have to set "Crawl" into the security scanner settings page and you have to add your own pattern.
Then run cron.php file, it will takes a bit (about 100 seconds for me with a drupal default installation and all modules active).
After doing that you have to start seeding, go again into the security scanner settings page and check "Seed", than save the settings and re-run cron.php. At this point, your drupal installation will be full of seeds. You could search for vulnerabilities walking into your webite or you can make the scanner do it for you, simply running again cron.php after setting "Checking seeds" into the settings page of the security scanner. If there are vulnerabilities you can see them as warning into the top of your web page after running the thirth time cron.php. Restore your db backup at the end of this process.
For those who wants to help, the new Security Scanner Group (http://groups.drupal.org/security-scanner-component) is the right location.