Introduction
Sboxr DOM is a dedicated tool for DOM Security Analysis that can automatically detect over 30 DOM Security Issues.
It is pronounced "S-BOXER".
Web security tools overwhelmingly focus on server-side vulnerabilities, yet the client-side JS code in most modern web applications has become very complex and feature-rich. A dedicated tool is needed to analyze it, just as there are dedicated tools for analyzing the security of mobile apps. Client-side security analysis usually only goes as far as looking for a few variants of DOM XSS. Any further analysis requires a lot of expertise and is usually very time- and effort-intensive.
This is where Sboxr comes in: it covers everything from the more obscure variants of DOM XSS to entirely new categories of issues. It will significantly increase your test coverage while simultaneously reducing the time and effort involved.
The DOM Security Issues found by Sboxr are:
| # | Issue | Type | Category |
|---|-------|------|----------|
| 1 | Data from attacker controllable navigation based DOM properties is executed as HTML | Error | Code Execution |
| 2 | Data from attacker controllable navigation based DOM properties is executed as JavaScript | Error | Code Execution |
| 3 | Data from attacker controllable URL based DOM properties is executed as HTML | Error | Code Execution |
| 4 | Data from attacker controllable URL based DOM properties is executed as JavaScript | Error | Code Execution |
| 5 | Non-HTML format Data from DOM storage is executed as HTML | Warning | Code Execution |
| 6 | Non-JavaScript format Data from DOM storage is executed as JavaScript | Warning | Code Execution |
| 7 | HTML format Data from DOM storage is executed as HTML | Info | Code Execution |
| 8 | JavaScript format Data from DOM storage is executed as JavaScript | Info | Code Execution |
| 9 | Data from user input is executed as HTML | Warning | Code Execution |
| 10 | Data from user input is executed as JavaScript | Warning | Code Execution |
| 11 | Non-HTML format Data taken from external site(s) (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Error | Code Execution |
| 12 | Non-JavaScript format Data taken from external site(s) (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Error | Code Execution |
| 13 | HTML format Data taken from external site(s) (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Warning | Code Execution |
| 14 | JavaScript format Data taken from external site(s) (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Warning | Code Execution |
| 15 | Non-HTML format Data taken from across sub-domain (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Warning | Code Execution |
| 16 | Non-JavaScript format Data taken from across sub-domain (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Warning | Code Execution |
| 17 | HTML format Data taken from across sub-domain (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Info | Code Execution |
| 18 | JavaScript format Data taken from across sub-domain (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Info | Code Execution |
| 19 | Non-HTML format Data taken from same domain (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Warning | Code Execution |
| 20 | Non-JavaScript format Data taken from same domain (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Warning | Code Execution |
| 21 | HTML format Data taken from same domain (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Info | Code Execution |
| 22 | JavaScript format Data taken from same domain (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Info | Code Execution |
| 23 | Weak Hashing algorithms are used | Error | Cryptography |
| 24 | Weak Encryption algorithms are used | Error | Cryptography |
| 25 | Weak Decryption algorithms are used | Error | Cryptography |
| 26 | Cryptographic Hashing Operations were made | Info | Cryptography |
| 27 | Encryption operations were made | Info | Cryptography |
| 28 | Decryption operations were made | Info | Cryptography |
| 29 | Potentially Sensitive Data is leaked (via HTTP, Ajax, WebSocket or Cross-Window Messages) | Error | Data Leakage |
| 30 | Potentially Sensitive Data is leaked through Referrer Headers | Error | Data Leakage |
| 31 | Data is leaked through HTTP | Warning | Data Leakage |
| 32 | Data is leaked through WebSocket | Warning | Data Leakage |
| 33 | Data is leaked through Cross-Window Messages | Warning | Data Leakage |
| 34 | Data is leaked through Referrer Headers | Warning | Data Leakage |
| 35 | Potentially Sensitive Data is stored on Client-side Storage (in LocalStorage, SessionStorage, Cookies or IndexedDB) | Warning | Data Storage |
| 36 | Data is stored on Client-side Storage (in LocalStorage, SessionStorage, Cookies or IndexedDB) | Info | Data Storage |
| 37 | Cross-window Messages are sent insecurely | Error | Communication |
| 38 | Cross-site communications are made | Warning | Communication |
| 39 | Communications across sub-domains are made | Warning | Communication |
| 40 | Same Origin communications are made | Info | Communication |
| 41 | JavaScript code is loaded from Cross-site Sources | Warning | JS Code |
| 42 | JavaScript code is loaded from across sub-domains | Info | JS Code |
| 43 | JavaScript code is loaded from Same Origin | Info | JS Code |