更新: 359 个文件 - 2026-03-16 23:30:01

08-threat-intel/repro-profiles/family-generic/xss-generic.yaml

@@ -0,0 +1,44 @@
+profile_id: xss-generic
+match_rules:
+  keywords:
+    - xss
+    - cross-site scripting
+    - dom xss
+    - trusted types
+vuln_family: xss
+provisioning_mode: synthetic
+artifact_source:
+  strategy: official-image-or-synthetic
+required_services:
+  - app
+seed_actions:
+  - kind: note
+    message: Seed a low-privilege user and a review page when the target supports stored content.
+baseline_actions:
+  - kind: http-get
+    path: /
+attack_actions:
+  - kind: tool
+    tool: xss-fuzzer
+    args:
+      - "-u"
+      - "{target_url}"
+      - "--dom-scan"
+      - "--check-csp"
+      - "--evidence-dir"
+      - "{evidence_dir}"
+      - "--run-id"
+      - "{run_id}"
+      - "--case-id"
+      - "{case_id}"
+browser_assertions:
+  required: true
+  strategy: reflect-or-render
+success_criteria:
+  - Browser evidence confirms payload reflection or DOM sink execution path.
+cleanup_policy: destroy
+destructive_risk: low
+allowed_target_types:
+  - lab-local
+  - lab-public
+  - authorized-third-party