@skeptic_fx

Ahamed Nafeez



Modules Created

Number Properties exposed by the Window Object?
jQuery Versions Vulnerable to Selector DOM XSS via # aka Selector IDs.
Can Do Not Track be bypassed using XHR ?
Properties of LocalStorage
List of constructors that refer to window w/o parenthesis
Direct references to Window objects
Element Node Setters
Location unforgeable - Test Harness
Knockout JS libraries vulnerable to data-bind injection
testing no-op
Attribute Separators
Can Cookie Setter be Hooked?
Does Iframe sandbox execute script inside child iframe?
SecurityPolicyViolationEvent
Location hash (aka. fragment) spills into data URI content
Configurability of Location Properties
HTTP Methods Supported by XHR
TestHarness: Using Assertions in DomStorm
List of properties that doesn't need parenthesis
TestHarness: Allowed Request Headers by XHR
Document Setters
Getters & Setters for Element.prototype
Check document.domain
jQuery UI .dialog() closeText property DOM XSS Sink.
AngularJS Sandbox Bypasses
Valid attribute separators
Run domato fuzzer 1000000 times

Other Favorite Modules

jQuery Versions Vulnerable to Selector XSS with class Attribute ('. XSS_VECTOR') - By @
Hooking Storage Objects - By @
Number Properties exposed by the Window Object? - By @skeptic_fx
jQuery Versions Vulnerable to Selector DOM XSS via # aka Selector IDs. - By @skeptic_fx
Can Do Not Track be bypassed using XHR ? - By @skeptic_fx
Properties of LocalStorage - By @skeptic_fx
TestHarness: XMLHttpRequest: setRequestHeader() name argument checks - By @ashishc9211
List of constructors that refer to window w/o parenthesis - By @skeptic_fx
Direct references to Window objects - By @skeptic_fx
Element Node Setters - By @skeptic_fx
Knockout JS libraries vulnerable to data-bind injection - By @skeptic_fx
XSS vectors without user interaction - By @Psych0tr1a
Attribute Separators - By @skeptic_fx
Does Iframe sandbox execute script inside child iframe? - By @skeptic_fx
Allowed Request Headers by XHR - By @
Can Navigator.UserAgent Be Spoofed? - By @
Check document.domain - By @
Location hash (aka. fragment) spills into data URI content - By @skeptic_fx
Configurability of Location Properties - By @skeptic_fx
HTTP Methods Supported by XHR - By @skeptic_fx
TestHarness: Using Assertions in DomStorm - By @skeptic_fx
List of properties that doesn't need parenthesis - By @skeptic_fx
Getters & Setters for Element.prototype - By @skeptic_fx
jQuery Selectors Vulnerable to XSS - By @mihirgokani007
jQuery-UI XSS via .dialog() method - By @Psych0tr1a
jQuery Migrate DOM XSS $("a[href='<XSS>']") [Attribute equals selector] - By @Psych0tr1a
jQuery UI .dialog() closeText property DOM XSS Sink. - By @skeptic_fx
AngularJS Sandbox Bypasses - By @skeptic_fx
Run domato fuzzer 1000000 times - By @skeptic_fx