DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities

branch: master
static added results preview January 25, 2014
templates replaced teespring campaign March 10, 2014
tests fixed encoding problems November 28, 2011
.gitignore - changed CSS February 11, 2011
README.md better description January 25, 2014
app.yaml file modes February 12, 2013
domxss.py fixed encoding problems November 28, 2011
main.py file modes February 12, 2013
README.md

DOM XSS Scanner is an online tool that facilitates code review of web pages and JavaScript code for potential DOM based XSS security vulnerabilities.

Sample Results Page


Check your Web page

TODOs

Known Issues

  • the regular expression for sources matches document.write( which is a sink
  • cannot access page_url template var created in gae_utils.py in templates

Learn more about the tool on the project's about page
