What is DOMinator?
DOMinator is a Firefox based software for analysis and identification of
DOM Based Cross Site Scripting issues (DOMXss).
It is the first runtime tool which can help security testers to identify
DOMXss.
How it works?
It uses dynamic runtime tainting model on strings and can trace back
taint propagation operations in order to understand if a DOMXss
vulnerability is actually exploitable.
...
If you're interested in it continue the reading here:
http://blog.mindedsecurity.com/2011/05/dominator-project.html
More whitepapers in the next days.
Cheers
Stefano
--
...oOOo...oOOo....
Stefano Di Paola
Software & Security Engineer
Owasp Italy R&D Director
Web: www.wisec.it
Twitter: http://twitter.com/WisecWisec
..................
What is DOMinator?
DOMinator is a Firefox based software for analysis and identification of
DOM Based Cross Site Scripting issues (DOMXss).
It is the first runtime tool which can help security testers to identify
DOMXss.
How it works?
It uses dynamic runtime tainting model on strings and can trace back
taint propagation operations in order to understand if a DOMXss
vulnerability is actually exploitable.
...
If you're interested in it continue the reading here:
http://blog.mindedsecurity.com/2011/05/dominator-project.html
More whitepapers in the next days.
Cheers
Stefano
--
...oOOo...oOOo....
Stefano Di Paola
Software & Security Engineer
Owasp Italy R&D Director
Web: www.wisec.it
Twitter: http://twitter.com/WisecWisec
..................
