Open DeweshSingh opened 5 years ago
Great thanks!!
But, i cannot confirm you modified codes because your codes are included extra blanks.
Could you modify codes using PEP8 that Python's Coding Standards?
Looks like the problem was with the indentation. I generally use tabs instead of spaces. I have fixed it now. Kindly have a look at it.
I have modified the ga_main.py and the gan_main.py files. Now these files not only test the normal injection code during evaluation but also the encoded version of these injection codes for detecting if the script is running. The csv files generated after running the ga_main.py and gan_main.py now contain the injection code along with their encoded version as well.
The most common XSS attack prevention technique is the regex string matching. This encoded injection code has a better chance of causing an XSS attack by not getting detected by normal string matching techniques. Thus this feature has an advantage over the normal injection codes.