Saba Journal Of information Technology And Networking (SJITN)-ISSN: 2312-4989

 Cross-Site Scripting is one of the main attacks of many Web-based services. Since Web browsers support the execution of scripting commands embedded in the retrieved content, Attacker can gain this feature maliciously to violate the client security such as confidentiality. The public sites (i.e. social network) provide the attacker with ability to post there malicious code into a context which in the future to be shown to other participants. Detecting these malicious script codes is necessary for client side; the detection can be done by using detection tools used at client side. This paper describes the overall problem and elaborates on the possibilities to solve the problem with actions at client side to reduce the danger of Cross-Site Scripting attacks. In this work a new secure tool is developed using python language, which called PalXSS, two factors are used to evaluate it: performance and accuracy. The results show the accuracy of PalXSS tool is 90.24% which satisfies the users need compared with other tools.