Google launched a Security testing tool “Firing Range” aimed at improving the efficiency of automated Web application security scanners. The tool scans web app vulnerabilities including reverse clickjacking, Flash injection, mixed content, and cross-origin resource sharing vulnerabilities. 70 percent of bugs in Google’s Vulnerability Reward Program are cross-site scripting flaws. Firing Range relies on automation based on a collection of unique bug patterns drawn from in-the-wild vulnerabilities observed by Google. It is a Java application that has been built on Google App Engine.
Source: https://thehackernews.com/2014/11/firing-range-open-source-web-app_20.html