Introduction
Sboxr DOM is a dedicated tool for DOM Security Analysis that can automatically detect over 30 DOM Security Issues.
It is pronounced "S-BOXER".
Web security tools overwhelmingly focus on server-side vulnerabilities. Yet client-side JS code has become very complex and feature-rich in most modern web applications, so a dedicated tool is needed to analyze it, just as there are dedicated tools for analyzing the security of mobile apps. Client-side security analysis usually only goes as far as looking for a few variants of DOM XSS. Any further analysis requires a lot of expertise and is usually very time- and effort-intensive.
This is where Sboxr comes in: it covers everything from the more obscure variants of DOM XSS to entirely new categories of issues. It will significantly increase your test coverage while simultaneously reducing the time and effort involved.
The DOM Security Issues found by Sboxr are:
# | Issue | Type | Category |
--- | --- | --- | --- |
1 | Data from attacker controllable navigation based DOM properties is executed as HTML | Error | Code Execution |
2 | Data from attacker controllable navigation based DOM properties is executed as JavaScript | Error | Code Execution |
3 | Data from attacker controllable URL based DOM properties is executed as HTML | Error | Code Execution |
4 | Data from attacker controllable URL based DOM properties is executed as JavaScript | Error | Code Execution |
5 | Non-HTML format Data from DOM storage is executed as HTML | Warning | Code Execution |
6 | Non-JavaScript format Data from DOM storage is executed as JavaScript | Warning | Code Execution |
7 | HTML format Data from DOM storage is executed as HTML | Info | Code Execution |
8 | JavaScript format Data from DOM storage is executed as JavaScript | Info | Code Execution |
9 | Data from user input is executed as HTML | Warning | Code Execution |
10 | Data from user input is executed as JavaScript | Warning | Code Execution |
11 | Non-HTML format Data taken from external site(s) (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Error | Code Execution |
12 | Non-JavaScript format Data taken from external site(s) (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Error | Code Execution |
13 | HTML format Data taken from external site(s) (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Warning | Code Execution |
14 | JavaScript format Data taken from external site(s) (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Warning | Code Execution |
15 | Non-HTML format Data taken from across sub-domain (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Warning | Code Execution |
16 | Non-JavaScript format Data taken from across sub-domain (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Warning | Code Execution |
17 | HTML format Data taken from across sub-domain (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Info | Code Execution |
18 | JavaScript format Data taken from across sub-domain (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Info | Code Execution |
19 | Non-HTML format Data taken from same domain (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Warning | Code Execution |
20 | Non-JavaScript format Data taken from same domain (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Warning | Code Execution |
21 | HTML format Data taken from same domain (via Ajax, WebSocket or Cross-Window Messages) is executed as HTML | Info | Code Execution |
22 | JavaScript format Data taken from same domain (via Ajax, WebSocket or Cross-Window Messages) is executed as JavaScript | Info | Code Execution |
23 | Weak Hashing algorithms are used | Error | Cryptography |
24 | Weak Encryption algorithms are used | Error | Cryptography |
25 | Weak Decryption algorithms are used | Error | Cryptography |
26 | Cryptographic Hashing Operations were made | Info | Cryptography |
27 | Encryption operations were made | Info | Cryptography |
28 | Decryption operations were made | Info | Cryptography |
29 | Potentially Sensitive Data is leaked (via HTTP, Ajax, WebSocket or Cross-Window Messages) | Error | Data Leakage |
30 | Potentially Sensitive Data is leaked through Referrer Headers | Error | Data Leakage |
31 | Data is leaked through HTTP | Warning | Data Leakage |
32 | Data is leaked through WebSocket | Warning | Data Leakage |
33 | Data is leaked through Cross-Window Messages | Warning | Data Leakage |
34 | Data is leaked through Referrer Headers | Warning | Data Leakage |
35 | Potentially Sensitive Data is stored on Client-side Storage (in LocalStorage, SessionStorage, Cookies or IndexedDB) | Warning | Data Storage |
36 | Data is stored on Client-side Storage (in LocalStorage, SessionStorage, Cookies or IndexedDB) | Info | Data Storage |
37 | Cross-window Messages are sent insecurely | Error | Communication |
38 | Cross-site communications are made | Warning | Communication |
39 | Communications across sub-domains are made | Warning | Communication |
40 | Same Origin communications are made | Info | Communication |
41 | JavaScript code is loaded from Cross-site Sources | Warning | JS Code |
42 | JavaScript code is loaded from across sub-domains | Info | JS Code |
43 | JavaScript code is loaded from Same Origin | Info | JS Code |