PunksⅡ: An XSS Vulnerability Detection Tool For Ajax

Web2.0 is a very popular network technology currently, as a kernel technology Ajax brings new experience that user can update pages with out refurbishing rapidly. However JavaScript bring varies secure vulnerability which used in Ajax. To solve the secure problem of web which used Ajax,the paper analyzed the theory and secure vulnerability of Ajax and emphasize to discuss the theory and flow for attacking in XSS .This is attended by many experts. Then the paper analyzed the difference of static method and dynamic method for detecting the web secure vulnerability.Then the paper find the static method is easy to find the entry point of the secure vulnerability.This paper designed and implemented a tool which used for detecting secure vulnerability of Ajax. PunksⅡscan web static to confirm the frame of web and the entry point of XSS. PunksⅡused Ruby as programmed language which is very smart.