The Wayback Machine - https://web.archive.org/web/20200603184130/https://github.com/yaph/domxssscanner
Skip to content
This repository has been archived by the owner. It is now read-only.

/ domxssscanner Archived

DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
dom xss-vulnerability scanner online-tool web-security domxss
HTML CSS Python JavaScript Shell
  1. HTML 60.5%
  2. CSS 16.8%
  3. Python 13.4%
  4. JavaScript 9.1%
  5. Shell 0.2%
Branch: master
Find file
Clone or download

Clone with HTTPS

Use Git or checkout with SVN using the web URL.

Open in Desktop Download ZIP

Latest commit

@yaph
yaph Update app.yaml to current SDK requirements 
Remove domxssscanner.com references
Remove google-site-verification
Latest commit d64095f Jan 17, 2019

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
static removed media queries Feb 17, 2016
templates Update app.yaml to current SDK requirements Jan 17, 2019
tests
.gitignore
README.md
app.yaml
deploy.sh
domxss.py
main.py

README.md

DOM XSS Scanner is an online tool that facilitates code review of web pages and JavaScript code for potential DOM based XSS security vulnerabilities.

Sample Results Page

Sample Results Page

Check your Web page

Learn more about the tool on the project's about page.

Install

Clone this repository and download the Google App Engine SDK for Python. Extract the SDK archive and add aliases for the dev server and update programs, for example:

alias gae_pyserver='python PATH_TO_SDK/google_appengine/dev_appserver.py'
alias gae_update='python PATH_TO_SDK/google_appengine/appcfg.py update'

Then start the dev server in the domxssscanner directory with the command:

gae_pyserver .

You can then access the application at http://localhost:8080/.

You can’t perform that action at this time.