[paper] Comparing DOM based XSS Identification Tools on a Real World Vulnerability – Digitalmunition




Papers no image

Published on February 4th, 2015 📆 | 3961 Views ⚑

0

[paper] Comparing DOM based XSS Identification Tools on a Real World Vulnerability

Due to the lack of literature about DOM Based XSS identification tools awareness, we decided to write a paper that took the actual tools that are stated to be able to identify DOM Based XSS and test their capabilities when dealing with a real world DOM XSS issue.

“..
Minded Security has been the first company to launch a commercial tool aimed to identify DOM Based XSS  with a runtime approach: DOMinatorPro.
In 2012, as a result of our research on DOM XSS, we released the tainting engine on github.com as an open source project and created a commercial version that let users easily identify several kind of JavaScript vulnerabilities with a pretty high rate of accuracy .

Since then, some tools, open source and commercial, have been developed and awareness on this very topic grew among application security experts.

The following paper will try to give an unbiased study supported by objective facts about precision and accuracy of existing tools that are stated to identify DOM Based XSS vulnerabilities.
…”

Free Download WordPress Themes
Free Download WordPress Themes
Premium WordPress Themes Download
Premium WordPress Themes Download
udemy paid course free download

Tagged with:



Leave a Reply ✍

This site uses Akismet to reduce spam. Learn how your comment data is processed.


loading...