Showing posts from 2017

DOM XSS Baker

https://github.com/yehgdotnet/domxssbaker

With potential DOM XSS findings from Burp plugins, we end up reading complex JavaScript code. At the end of the day, the majority of DOM XSS comes from location/href objects appended with a # hash. This little script takes a list of URLs (which you can copy from Burp), makes a unique list, and opens your default browser at a 15-second interval or an interval of your choice.
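
The workflow described above, as an added example that is not the domxssbaker project's own code: it de-duplicates a pasted URL list while keeping the # fragment in the comparison, then opens each URL in the default browser at a fixed interval. The function names and the sample URLs (example.test) are assumptions constructed for illustration.

```python
import time
import webbrowser
from urllib.parse import urlsplit, urlunsplit


def unique_urls(lines):
    """Return http(s) URLs from pasted lines, de-duplicated in first-seen order."""
    # Scheme and host are lower-cased for comparison only. The #fragment stays
    # in the key: it is the part the page's script reads, so two URLs that
    # differ only after '#' are distinct review items.
    seen, result = set(), []
    for raw in lines:
        url = raw.strip()
        if not url:
            continue
        parts = urlsplit(url)
        if parts.scheme.lower() not in ("http", "https") or not parts.netloc:
            continue  # skip issue titles, notes and non-web schemes in the paste
        key = urlunsplit((parts.scheme.lower(), parts.netloc.lower(),
                          parts.path or "/", parts.query, parts.fragment))
        if key not in seen:
            seen.add(key)
            result.append(url)
    return result


def open_each(urls, interval=15, opener=webbrowser.open, sleep=time.sleep):
    """Open each URL in the default browser, waiting `interval` seconds between."""
    opened = []
    for i, url in enumerate(urls):
        if i:
            sleep(interval)
        opener(url)
        opened.append(url)
    return opened


# Constructed sample paste (example.test is a reserved test domain).
SAMPLE = """\
https://app.example.test/search#q=1
HTTPS://APP.example.test/search#q=1
https://app.example.test/search#q=2
Issue: DOM-based XSS
https://app.example.test
https://app.example.test/
""".splitlines()

if __name__ == "__main__":
    open_each(unique_urls(SAMPLE), interval=15)
```
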