The book:"Web Security Testing Cookbook By Paco Hope, Ben Walther" is the only source I could find which covers the topic. They use cURL. I just want to write some scripts to automate testing for xss. I'm just gonna run it on a site like demo.testfire.net for example. I know there are allot of tools available for the job though but that won't teach me anything. Thanks. If someone could perhaps post a one-liner example of testing with cURL. I don't really get how the example in the book works, besides that it assumes that if you get a popup then you won't get any errors for example an error that says:"Characters not allowed or 404 error."
Anyways my real question is what is a good way of automating tests for xss? Would be cool if someone could suggest a way of doing it in bash. Perhaps commandlinefu would be a better place to ask but I thought I'd start here. (Without using tools made specifically for the purpose.)