VAddy is a service that runs end-to-end black box security tests for SQL injection and XSS , Remote file inclusion, Command injection, Directory traversal vulnerabilities on the following:
You can check the requests that VAddy uses to find vulnerabilities; this information allows you to reproduce attacks and fix your web application’s code.
Future plans include tests for:
> persistent (i.e. stored) XSS vulnerabilities
> DOM-based XSS vulnerabilities