Home page logo

bugtraq logo Bugtraq mailing list archives

DOMinator - The DOMXss Analyzer Tool - is finally public
From: Stefano Di Paola <stefano.dipaola () wisec it>
Date: Wed, 18 May 2011 19:12:58 +0200

What is DOMinator?
DOMinator is a Firefox based software for analysis and identification of
DOM Based Cross Site Scripting issues (DOMXss).
It is the first runtime tool which can help security testers to identify

How it works?

It uses dynamic runtime tainting model on strings and can trace back
taint propagation operations in order to understand if a DOMXss
vulnerability is actually exploitable.

If you're interested in it continue the reading here:

More whitepapers in the next days.


Stefano Di Paola
Software & Security Engineer

Owasp Italy R&D Director

Web: www.wisec.it
Twitter: http://twitter.com/WisecWisec

  By Date           By Thread  

Current thread:
  • DOMinator - The DOMXss Analyzer Tool - is finally public Stefano Di Paola (May 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]