Automating Discovery and Exploiting DOM (Client) XSS Vulnerabilities using Sboxr

What is this book about?

This book shows how you can identify DOM XSS issues using Sboxr on single-page or JavaScript-rich applications. As examples, we solved the 10 exercises at the DOM XSS playground at and created simple proof-of-concept exploits for the detected issues.

Who is this book for?

The intended audience for this book is:

  • Penetration testers, who would like to expand their arsenal with tools and techniques to discover and exploit DOM XSS issues
  • Bug bounty hunters who are looking for automated ways of detecting DOM XSS issues

What do you need for this book to be useful?

  • A working copy of Sboxr
  • Chrome installed on the computer
  • Access to

