check for XSS site

To hire pentester'a / hacker with experience to check manually. For more efficiency you can provide access to the source code.
\r
There are of course automated tools, like Acunetix Web Vulnerability Scanner (is in Milan), but their effectiveness in non-trivial cases is quite questionable.

Usually check this
\r
\ralert('aa');
\r
If your site has many forms, it is best DM to use the program to search for vulnerabilities. One of the most advanced is considered Acunetix Web Security Scanner will be able to find on torrents.

Hi!

The best way to test the website on XSS is to check the source code.
The main cause of XSS is lack of filtering of user input (&, <, >, ", ')

Most modern ORM, templating languages serve escaping user data that should be protected from XSS. Unfortunately developers often turn off these checks by hand.

Learn more about how to protect your code from XSS: https://www.owasp.org/index.php/XSS_(Cross_Site_Sc...

How to bypass filters and to introduce XSS: https://www.owasp.org/index.php/XSS_Filter_Evasion...

By the way, I'm one of the developers of scanner vulnerabilities, including XSS https://metascan.ru
Can try scanner, or just ask our children. [email protected]

Thank you all!