Skip to content
This repository has been archived by the owner on Apr 11, 2021. It is now read-only.
/ domxssscanner Public archive

DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities

Notifications You must be signed in to change notification settings

yaph/domxssscanner

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

65 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DOM XSS Scanner is an online tool that facilitates code review of web pages and JavaScript code for potential DOM based XSS security vulnerabilities.

Sample Results Page

Sample Results Page

Check your Web page

Learn more about the tool on the project's about page.

Install

Clone this repository and download the Google App Engine SDK for Python. Extract the SDK archive and add aliases for the dev server and update programs, for example:

alias gae_pyserver='python PATH_TO_SDK/google_appengine/dev_appserver.py'
alias gae_update='python PATH_TO_SDK/google_appengine/appcfg.py update'

Then start the dev server in the domxssscanner directory with the command:

gae_pyserver .

You can then access the application at http://localhost:8080/.