all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Finding client-side prototype pollution with DOM Invader

Add to bookmarks
June 20, 2022, 12:37 p.m. |

PortSwigger Blog portswigger.net

Last year we made it significantly easier to find DOM XSS, when we introduced a brand new tool called DOM Invader. This year, we've improved DOM Invader to make finding CSPP (client-side prototype pol

client client-side dom

Visit resource

More from portswigger.net / PortSwigger Blog

Introducing DAST scanning in the Cloud, with Burp Suite Enterprise Edition 2 weeks, 2 days ago | portswigger.net
automated burp burp suite can +8
What's new with BChecks? 2 months, 3 weeks ago | portswigger.net
build language quickly scan +4
Introducing custom scan checks to Burp Suite Enterprise Edition 3 months ago | portswigger.net
burp burp suite capabilities easy +5
The future of Bambdas 4 months, 2 weeks ago | portswigger.net
burp burp suite code filter +5
Introducing Bambdas 5 months, 2 weeks ago | portswigger.net
burp burp suite changing java +2
DOM Invader and the case of direct eval vs indirect eval 7 months, 1 week ago | portswigger.net
browser browser extension case dom +8
New learning paths, from the Web Security Academy 7 months, 3 weeks ago | portswigger.net
academy exploit learn security +7
Supporting Sprocket Security's offensive security testing with BChecks, from Burp Suite 7 months, 4 weeks ago | portswigger.net
attack attack surfaces burp burp suite +17
New techniques and tools for web race conditions 8 months, 3 weeks ago | portswigger.net
attacks challenges conditions constraints +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cybersecurity Consultant

@ Devoteam | Cité Mahrajène, Tunisia
View on infosec-jobs.com

GTI Manager of Cybersecurity Operations

@ Grant Thornton | Phoenix, AZ, United States
View on infosec-jobs.com

(Senior) Director of Information Governance, Risk, and Compliance

@ SIXT | Munich, Germany
View on infosec-jobs.com

Information System Security Engineer

@ Space Dynamics Laboratory | North Logan, UT
View on infosec-jobs.com

Intelligence Specialist (Threat/DCO) - Level 3

@ Constellation Technologies | Fort Meade, MD
View on infosec-jobs.com

Cybersecurity GRC Specialist (On-site)

@ EnerSys | Reading, PA, US, 19605
View on infosec-jobs.com
View more jobs