This is regarding the XSS scanning tool XSStrike. The tool produces three elements in a given report:
- XSS Payload
- Confidence
- Efficiency
Does anyone know what the metrics Confidence and Efficiency is measuring? I can hazard a guess that it suggests the likelihood of the payload working however this is not mentioned in the documentation and I wondered someone perhaps had a better understanding.
Unfortunately the answer was not forthcoming on the author's git repo.