<!DOCTYPE html>
<html lang="en">
<head>
<title>DOM Clobbering</title>
<!-- Meta -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="author" content="">
<meta name="description" content="DOM Clobbering Wiki">
<link rel="shortcut icon" href="./static/assets/images/favicon.ico">
<!-- FontAwesome JS-->
<script defer src="https://use.fontawesome.com/releases/v5.7.1/js/all.js" integrity="sha384-eVEQC9zshBn0rFj4+TU78eNA19HMNigMviK/PU/FFjLXqa/GKPgX58rvt5Z8PLs7" crossorigin="anonymous"></script>
<script async defer src="./static/assets/js/lib/gitbuttons.js"></script>
<!-- Theme CSS -->
<link id="theme-style" rel="stylesheet" href="./static/assets/css/theme-1.css">
</head>
<body>
<nav class="navbar navbar-expand-lg navbar-dark bg-dark">
<a class="navbar-brand mr-0 mr-md-2" href="#">
<img src="static/assets/images/logo.png" height="32px;" alt="DC">
</a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarSupportedContent">
<ul class="navbar-nav mr-auto">
<li class="nav-item active ">
<a class="nav-link" href="#">Home <span class="sr-only">(current)</span></a>
</li>
<li class="nav-item">
<a class="nav-link" href="https://soheilkhodayari.github.io/DOMClobbering/domc_wiki">Wiki</a>
</li>
<li class="nav-item">
<a class="nav-link" href="https://soheilkhodayari.github.io/DOMClobbering/domc_markups/list">Markups</a>
</li>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
Browser Testing
</a>
<div class="dropdown-menu" aria-labelledby="navbarDropdown">
<a class="dropdown-item" href="https://soheilkhodayari.github.io/DOMClobbering/domc_markups/list">Online</a>
<a class="dropdown-item" href="https://github.com/SoheilKhodayari/DOMClobbering/tree/master/domc_tests">Offline</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item" href="https://github.com/SoheilKhodayari/DOMClobbering/tree/master/domc_markups">Dataset</a>
</div>
</li>
<li class="nav-item">
<a class="nav-link" href="https://soheilkhodayari.github.io/DOMClobbering/domc_payload_generator/">Payload Generator</a>
</li>
<li class="nav-item">
<a class="nav-link" href="https://github.com/SoheilKhodayari/TheThing/">Detection</a>
</li>
</ul>
</div>
<ul class="navbar-nav flex-row ml-md-auto d-md-flex">
<li class="nav-item">
<a class="nav-link p-2" href="https://github.com/SoheilKhodayari/DOMClobbering" target="_blank" rel="noopener" aria-label="GitHub"><i class="fab fa-github"></i></a>
</li>
<li class="nav-item">
<a class="nav-link p-2" href="https://twitter.com/Soheil__K" target="_blank" rel="noopener" aria-label="Twitter"><i class="fab fa-twitter"></i></a>
</li>
</ul>
<a class="btn btn-outline-theme d-none d-lg-inline-block mb-3 mb-md-0 ml-md-3" href="https://github.com/SoheilKhodayari/DOMClobbering/releases">Download</a>
</nav>
<div class="ribbon"></div>
<div class="position-relative overflow-hidden p-3 p-md-5 text-center bg-white" > <!-- m-md-3 -->
<div class="col-md-5 p-lg-5 mx-auto my-5" style="z-index: 10;">
<h1 class="display-4 font-weight-normal">DOM Clobbering <i class="fas fa-question-circle"></i></h1>
<p class="lead font-weight-normal">
All you need to know in one place. Learn about clobbering techniques, test your mobile and desktop browser online with a single click, create attack payloads interactively and master the defenses.
</p>
<a class="btn btn-outline-theme" href="https://domclob.xyz/domc_markups/list">Get Started</a>
</div>
<!-- <div class="product-device box-shadow d-none d-md-block"></div> -->
<div class="product-device product-device-2 box-shadow d-none d-md-block"></div>
</div>
<div class="ribbon"></div>
<div class="d-md-flex flex-md-equal w-100 my-md-3 pl-md-3">
<div class="bg-light mr-md-3 pt-3 px-3 pt-md-5 px-md-5 text-center overflow-hidden">
<div class="my-3 py-3">
<h2 class="display-5"><i class="fa fa-book" aria-hidden="true"></i> Clobbering Wiki</h2>
<p class="lead">DOM Clobbering techniques, vulnerability patterns, and defenses</p>
<a class="btn btn-theme" href="https://soheilkhodayari.github.io/DOMClobbering/domc_wiki/index"> Documentation</a>
</div>
<div class="bg-info box-shadow mx-auto" style="width: 80%; height: 20px; border-radius: 21px 21px 0 0;"></div>
</div>
<div class="bg-light mr-md-3 pt-3 px-3 pt-md-5 px-md-5 text-center overflow-hidden">
<div class="my-3 p-3">
<h2 class="display-5"> <i class="fab fa-chrome" aria-hidden="true"></i> Browser Testing</h2>
<p class="lead">Test your browser online, or check out analysis results</p>
<a class="btn btn-theme" href="https://soheilkhodayari.github.io/DOMClobbering/domc_markups/list"> Repository </a>
</div>
<div class="bg-warning box-shadow mx-auto" style="width: 80%; height: 20px; border-radius: 21px 21px 0 0;"></div>
</div>
<div class="bg-light mr-md-3 pt-3 px-3 pt-md-5 px-md-5 text-center overflow-hidden">
<div class="my-3 p-3">
<h2 class="display-5"><i class="fas fa-wrench"></i> Payload Generation</h2>
<p class="lead">Create DOM Clobbering attack payloads interactively</p>
<a class="btn btn-theme" href="https://soheilkhodayari.github.io/DOMClobbering/domc_payload_generator/"> Dashboard</a>
</div>
<div class="bg-dark box-shadow mx-auto" style="width: 80%; height: 20px; border-radius: 21px 21px 0 0;"></div>
</div>
<div class="bg-light mr-md-3 pt-3 px-3 pt-md-5 px-md-5 text-center overflow-hidden">
<div class="my-3 py-3">
<h2 class="display-5"><i class="fas fa-code-branch" aria-hidden="true"></i> Vulnerability Detection</h2>
<p class="lead">Automatically detect clobberable data flows in your web application</p>
<a class="btn btn-theme" href="https://github.com/SoheilKhodayari/TheThing">Repository</a>
</div>
<div class="bg-success box-shadow mx-auto" style="width: 80%; height: 20px; border-radius: 21px 21px 0 0;"></div>
</div>
</div>
<div class="d-md-flex flex-md-equal w-100 my-md-3 pl-md-3">
<div class="bg-dark mr-md-3 pt-3 px-3 pt-md-5 px-md-5 text-center text-white overflow-hidden">
<div class="my-3 py-3">
<h2 class="display-5"><i class="fab fa-github" aria-hidden="true"></i> GitHub </h2>
<p class="lead">All source code and content for this website is open source</p>
<a class="btn btn-secondary mr-md-1" href="https://github.com/SoheilKhodayari/TheThing"> TheThing Repository</a>
<a class="btn btn-secondary" href="https://github.com/SoheilKhodayari/DOMClobbering"> DOMC-BT Repository</a>
</div>
</div>
</div>
<div class="d-md-flex flex-md-equal w-100 my-md-3 pl-md-3">
<div class="bg-info mr-md-3 pt-3 px-3 pt-md-5 px-md-5 text-center text-white overflow-hidden">
<div class="my-3 py-3">
<h2 class="display-5"><i class="far fa-file-pdf"></i> Academic Publication </h2>
<p class="lead">This work has been published at <a class="text-white" style="text-decoration: underline;" href="https://www.ieee-security.org/TC/SP2023/">IEEE S&P 2023</a> with a <a class="text-warning" href="https://www.ieee-security.org/TC/SP2023/program-awards.html">Distinguished Paper Award <i class="fa fa-trophy" aria-hidden="true"></i></a>.</p>
<a class="btn btn-dark" href="//soheilkhodayari.github.io/papers/sp23_domclob.pdf"> Download</a>
</div>
</div>
</div>
<div class="d-md-flex flex-md-equal w-100 my-md-3 pl-md-3">
<div style="background-color: #198754;" class="mr-md-3 pt-3 px-3 pt-md-5 px-md-5 text-center text-white overflow-hidden">
<div class="my-3 py-3">
<h2 class="display-5"><i class="fa fa-globe" aria-hidden="true"></i> OWASP CheatSheet </h2>
<p class="lead">Check out the DOM Clobbering prevention cheat sheet we created for you!</p>
<a class="btn btn-dark mr-md-1" href="https://cheatsheetseries.owasp.org/cheatsheets/DOM_Clobbering_Prevention_Cheat_Sheet.html"> OWASP CheatSheet</a>
</div>
</div>
</div>
<footer class="container py-5">
<div class="row">
<div class="col-12 col-md">
<img src="./static/assets/images/logo.png" height="28px;" style="margin-bottom: 5px;" alt="DC">
<small class="d-block mb-3 text-muted">© 2022-2023</small>
</div>
<div class="col-6 col-md">
<h5>DOM Clobbering</h5>
<ul class="list-unstyled text-small">
<li><a class="text-muted" href="https://soheilkhodayari.github.io/DOMClobbering/domc_wiki/">Overview</a></li>
<li><a class="text-muted" href="https://soheilkhodayari.github.io/DOMClobbering/domc_wiki/techniques/">Techniques</a></li>
<li><a class="text-muted" href="https://soheilkhodayari.github.io/DOMClobbering/domc_wiki/indicators/patterns.html">Code Patterns</a></li>
<li><a class="text-muted" href="https://soheilkhodayari.github.io/DOMClobbering/domc_wiki/defenses/">Defenses</a></li>
</ul>
</div>
<div class="col-6 col-md">
<h5>Resources</h5>
<ul class="list-unstyled text-small">
<li><a class="text-muted" href="https://github.com/SoheilKhodayari/DOMClobbering/">Repository</a></li>
<li><a class="text-muted" href="https://soheilkhodayari.github.io/DOMClobbering/domc_markups/list">Browser Testing</a></li>
<li><a class="text-muted" href="https://soheilkhodayari.github.io/DOMClobbering/domc_payload_generator/">Payload Generator</a></li>
<li><a class="text-muted" href="https://github.com/SoheilKhodayari/TheThing/">Vulnerability Detector</a></li>
</ul>
</div>
<div class="col-6 col-md">
<h5>About</h5>
<ul class="list-unstyled text-small">
<li><a class="text-muted" href="https://github.com/SoheilKhodayari/DOMClobbering/blob/master/LICENSE">License</a></li>
<li><a class="text-muted" href="https://github.com/SoheilKhodayari/DOMClobbering/blob/master/LICENSE">Disclaimer</a></li>
</ul>
</div>
</div>
<div class="row">
<div class="col-12 col-md text-center">
<p class="text-center" style="margin-top: 5px;"><small>Licensed under AGPL-3.0, open source and free to use.</small></p>
</div>
</div>
</footer>
<!-- Bootstrap core JavaScript
================================================== -->
<script src="./static/assets/js/lib/jquery-3.3.1.min.js"></script>
<script>window.jQuery || document.write('<script src="./static/assets/js/lib/jquery-slim.min.js"><\/script>')</script>
<script src="./static/assets/js/lib/popper.min.js"></script>
<script src="./static/assets/js/lib/bootstrap.min.js"></script>
<script src="./static/assets/js/lib/holder.min.js"></script>
<script>
Holder.addTheme('thumb', {
bg: '#55595c',
fg: '#eceeef',
text: 'Thumbnail'
});
</script>
</body>
</html>