@skeptic_fx

Ahamed Nafeez



Modules Created

- Location hash (aka. fragment) spills into data URI content
- testing no-op
- Number Properties exposed by the Window Object?
- jQuery Versions Vulnerable to Selector DOM XSS via # aka Selector IDs.
- Can Do Not Track be bypassed using XHR ?
- HTTP Methods Supported by XHR
- Properties of LocalStorage
- TestHarness: Using Assertions in DomStorm
- List of properties that doesn't need parenthesis
- Direct references to Window objects
- Element Node Setters
- Location unforgeable - Test Harness
- Can Cookie Setter be Hooked?
- TestHarness: Allowed Request Headers by XHR
- Knockout JS libraries vulnerable to data-bind injection
- List of constructors that refer to window w/o parenthesis
- Check document.domain
- jQuery UI .dialog() closeText property DOM XSS Sink.
- Attribute Separators
- Does Iframe sandbox execute script inside child iframe?
- AngularJS Sandbox Bypasses
- Getters & Setters for Element.prototype
- Document Setters
- Configurability of Location Properties

Other Favorite Modules

- Location hash (aka. fragment) spills into data URI content - By @skeptic_fx
- jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR') - By @undefined
- Hooking Storage Objects - By @undefined
- Number Properties exposed by the Window Object? - By @skeptic_fx
- jQuery Versions Vulnerable to Selector DOM XSS via # aka Selector IDs. - By @skeptic_fx
- Can Do Not Track be bypassed using XHR ? - By @skeptic_fx
- HTTP Methods Supported by XHR - By @skeptic_fx
- Properties of LocalStorage - By @skeptic_fx
- TestHarness: Using Assertions in DomStorm - By @skeptic_fx
- TestHarness: XMLHttpRequest: setRequestHeader() name argument checks - By @ashishc9211
- List of properties that doesn't need parenthesis - By @skeptic_fx
- Direct references to Window objects - By @skeptic_fx
- Element Node Setters - By @skeptic_fx
- XSS vectors without user interaction - By @Psych0tr1a
- Can Navigator.UserAgent Be Spoofed? - By @undefined
- Knockout JS libraries vulnerable to data-bind injection - By @skeptic_fx
- List of constructors that refer to window w/o parenthesis - By @skeptic_fx
- Check document.domain - By @undefined
- Allowed Request Headers by XHR - By @undefined
- jQuery UI .dialog() closeText property DOM XSS Sink. - By @skeptic_fx
- Attribute Separators - By @skeptic_fx
- Does Iframe sandbox execute script inside child iframe? - By @skeptic_fx
- jQuery-UI XSS via .dialog() method - By @Psych0tr1a
- AngularJS Sandbox Bypasses - By @skeptic_fx
- jQuery Migrate DOM XSS $("a[href='<XSS>']") [Attribute equals selector] - By @Psych0tr1a
- Getters & Setters for Element.prototype - By @skeptic_fx
- Configurability of Location Properties - By @skeptic_fx