the application. Steps to use:1. Download the xelenium.jar file and double click on it. You will be provided
with the UI as below:
2. Enter the url of the application under test in ‘Enter URL’ field and click on
the ‘Capture Pages’ button.
Note: Please ensure to provide the url starting with either http:// or
3. Xelenium will launch the Firefox browser and display the web page of the
4. Navigate to the required pages that need to be scanned.
5. Close the browser.
6. URL details of the navigated pages will be displayed in the ‘Captured Pages’
7. Select the required one and remove the unwanted one using ‘Remove’
8. If the navigated pages are password protected, provide the login
credentials in ‘Login Creds’ section.
9. Navigate to the ‘Attack Vector’ section and select the required XSS attack
vectors from the ‘Available Attack Vectors’ list box.
11. Navigate back to the ‘Capture & Scan’ tab and click on the ‘Perform XSS
12.Selenium will execute series of tests with selected attack vectors and would
display the scan results in the default browser as below
13. ‘Log’ tab would provide us with the log details of the scan and the details
of any exceptions.
Following are some of the limitations of the Xelenium that I am planning to
implement in upcoming versions:
1. Predefined field values
2. Support for multiple browser applications
3. Support for multiple frames in a browser.