JSChecklist

The document provides a checklist of DOM-based vulnerabilities in JavaScript including DOM-based DOS, client-side SQL injection, open redirection, link manipulation, cookie manipulation, JavaScript injection, local file-path manipulation, and Ajax request-header manipulation.

Uploaded by

setyahangga3

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

25 views

JSChecklist

Uploaded by

setyahangga3

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 2

JS Checklist

This is a small JS checklist that helped me score a few bounties with DOM-based
vulnerabilities.
If this helped you, know that there’s a way to automate this using
Nova Security Scanner.

DOM-based DOS can be induced if user-input lands in requestFileSystem() or

RegExp()

Client-side SQLi can exist if user-input lands in executeSql() (database is created

via the var db = openDatabase() function, and later called via db.transaction(function(tx)
{tx.executeSql("...")}) )

DOM-based open redirection can exist if user-input lands into one of the following
sinks:
location
location.host
location.hostname
location.href
location.pathname
location.search
location.protocol
location.assign()
location.replace()
open()
element.srcdoc
XMLHttpRequest.open()
XMLHttpRequest.send()
jQuery.ajax()
$.ajax()

DOM-based link manipulation can be caused by one of the following sinks:

element.href
element.src
element.action

JS Checklist 1
DOM-based cookie manipulation can exist if arbitrary user-input gets injected
inside the document.cookie sink

DOM-based javascript injection can be caused if arbitrary user-input ends in one

of the following sinks:
eval()
Function()
setTimeout()
setInterval()
setImmediate()
execCommand()
execScript()
msSetImmediate()
range.createContextualFragment()
crypto.generateCRMFRequest()

DOM-based local file-path manipulation can be induced by one of the following

sinks:
FileReader.readAsArrayBuffer()
FileReader.readAsBinaryString()
FileReader.readAsDataURL()
FileReader.readAsText()
FileReader.readAsFile()
FileReader.root.getFile()

DOM-based Ajax request-header manipulation can be caused by one of the

following sinks:
XMLHttpRequest.setRequestHeader()
XMLHttpRequest.open()
XMLHttpRequest.send()
jQuery.globalEval()
$.globalEval()

Follow @0xblackbird on Twitter for more like this!

JS Checklist 2

?jira Vulnerability Checklist?
No ratings yet
?jira Vulnerability Checklist?
5 pages
2000+ Top XSS Reports From HackerOne
No ratings yet
2000+ Top XSS Reports From HackerOne
91 pages
GitHub Dorking
No ratings yet
GitHub Dorking
42 pages
Bug Bounty Playbook V2 PDF
80% (10)
Bug Bounty Playbook V2 PDF
250 pages
JavaScript For Hackers
0% (1)
JavaScript For Hackers
51 pages
Lets Be A Dork and Read Js Files
No ratings yet
Lets Be A Dork and Read Js Files
9 pages
Nodejs Security Handbook
No ratings yet
Nodejs Security Handbook
28 pages
(pub)TBHM App v1
No ratings yet
(pub)TBHM App v1
64 pages
Recon
No ratings yet
Recon
4 pages
Analyzing Javascript Files
No ratings yet
Analyzing Javascript Files
7 pages
Document2-1
No ratings yet
Document2-1
27 pages
Applications of Javascript Frameworks & Protect Web Page Css
No ratings yet
Applications of Javascript Frameworks & Protect Web Page Css
7 pages
?A Security Guide For JavaScript Dev
No ratings yet
?A Security Guide For JavaScript Dev
12 pages
21060_CODE_6-2021_Amended
No ratings yet
21060_CODE_6-2021_Amended
76 pages
DOM Based Cross-Site Scripting
No ratings yet
DOM Based Cross-Site Scripting
3 pages
Security
No ratings yet
Security
52 pages
L 8
No ratings yet
L 8
24 pages
UI Redressing: Attacks and Countermeasures Revisited: Marcus Niemietz Marcus - Niemietz@rub - de
No ratings yet
UI Redressing: Attacks and Countermeasures Revisited: Marcus Niemietz Marcus - Niemietz@rub - de
45 pages
Top Hackers Methodology and Tools
No ratings yet
Top Hackers Methodology and Tools
26 pages
Bug Bounty Exploit Checklist
No ratings yet
Bug Bounty Exploit Checklist
2 pages
Top 100 Bugs Step To Step Handbook
No ratings yet
Top 100 Bugs Step To Step Handbook
37 pages
What Is DOM-based XSS (Cross-Site Scripting) - Tutorial & Examples - Web Security Academy
No ratings yet
What Is DOM-based XSS (Cross-Site Scripting) - Tutorial & Examples - Web Security Academy
3 pages
An Empirical Study of Privacy-Violating Information Flows in Javascript Web Applications
No ratings yet
An Empirical Study of Privacy-Violating Information Flows in Javascript Web Applications
14 pages
25k Xss Vulnerabilities Overview
No ratings yet
25k Xss Vulnerabilities Overview
12 pages
Web Browser Security
No ratings yet
Web Browser Security
70 pages
Practical Skills
No ratings yet
Practical Skills
7 pages
Ajax and Java
No ratings yet
Ajax and Java
42 pages
400+ Javascript Interview Questions
100% (1)
400+ Javascript Interview Questions
176 pages
Bug Bounty Bootcamp
No ratings yet
Bug Bounty Bootcamp
2 pages
The Bug Hunters Methodology
No ratings yet
The Bug Hunters Methodology
79 pages
Top 10 Most Common Java Vulnerabilities
No ratings yet
Top 10 Most Common Java Vulnerabilities
3 pages
Security Bugs Ebookggggfffg
No ratings yet
Security Bugs Ebookggggfffg
12 pages
chapter five - browsers beyond
No ratings yet
chapter five - browsers beyond
116 pages
Unraveling Some Mysteries Around DOM-based XSS
No ratings yet
Unraveling Some Mysteries Around DOM-based XSS
42 pages
Security Checklist For Developers
No ratings yet
Security Checklist For Developers
4 pages
Exploitingunknownbrowsers
No ratings yet
Exploitingunknownbrowsers
42 pages
Week 4.1 What Are We Covering This Week? 4.1 - DOM, Dynamic Frontends, Connecting FE To BE 4.2 - Chrome Developer Tools, Why Frontend Frameworks
No ratings yet
Week 4.1 What Are We Covering This Week? 4.1 - DOM, Dynamic Frontends, Connecting FE To BE 4.2 - Chrome Developer Tools, Why Frontend Frameworks
25 pages
Node Js Secure Coding Mitigate
No ratings yet
Node Js Secure Coding Mitigate
131 pages
How I Would Hack You and Attack You
No ratings yet
How I Would Hack You and Attack You
4 pages
Hacking Adobe Experience Manager Sites
No ratings yet
Hacking Adobe Experience Manager Sites
23 pages
JavaScript for hackers 1st Edition Gareth Heyes pdf download
No ratings yet
JavaScript for hackers 1st Edition Gareth Heyes pdf download
74 pages
JAVASCRIPT AND CSS
No ratings yet
JAVASCRIPT AND CSS
39 pages
Security Checklist - Secureframe
No ratings yet
Security Checklist - Secureframe
4 pages
memorytarget
No ratings yet
memorytarget
6 pages
Snyk Top 10: Code Vulnerabilities in 2022
No ratings yet
Snyk Top 10: Code Vulnerabilities in 2022
6 pages
Javascript Sem6 Bca
No ratings yet
Javascript Sem6 Bca
52 pages
Android Penetration Testing Checklist
No ratings yet
Android Penetration Testing Checklist
13 pages
Unraveling Some of The Mysteries Around DOM-based XSS
100% (1)
Unraveling Some of The Mysteries Around DOM-based XSS
36 pages
(Ebook) Security for Web Developers - Using JavaScript, HTML, and CSS (Early Release, Raw & Unedited) by John Paul Mueller ISBN 9781491928646, 1491928646 pdf download
100% (2)
(Ebook) Security for Web Developers - Using JavaScript, HTML, and CSS (Early Release, Raw & Unedited) by John Paul Mueller ISBN 9781491928646, 1491928646 pdf download
51 pages
Tomnomnom PDF
No ratings yet
Tomnomnom PDF
35 pages
Getting Started With Javascriptnetje PDF
No ratings yet
Getting Started With Javascriptnetje PDF
2 pages
Devops Security Checklist
100% (2)
Devops Security Checklist
14 pages
Building A Javascript Library 2560
No ratings yet
Building A Javascript Library 2560
54 pages
1735372150570
No ratings yet
1735372150570
176 pages
Libraries Help Solve Commonly-Faced Issues. Here's A Few To Make Development Easier
No ratings yet
Libraries Help Solve Commonly-Faced Issues. Here's A Few To Make Development Easier
1 page
My Darkest Desires Telegram OS
No ratings yet
My Darkest Desires Telegram OS
13 pages
Pwning The Domain DACL Abuse EBook
No ratings yet
Pwning The Domain DACL Abuse EBook
20 pages
Windows Privilege Escalation
No ratings yet
Windows Privilege Escalation
53 pages
Hacking LLM
No ratings yet
Hacking LLM
33 pages
NTLM Abuse Methods
No ratings yet
NTLM Abuse Methods
22 pages
Some More Examples GivenText 9 1 2023
No ratings yet
Some More Examples GivenText 9 1 2023
15 pages
Abusing HTTP Hop-By-Hop Request Headers
No ratings yet
Abusing HTTP Hop-By-Hop Request Headers
4 pages
JWT Hacking
No ratings yet
JWT Hacking
8 pages
Guide To SSRF
No ratings yet
Guide To SSRF
6 pages
XML External Entity XXE Attack 1704716540
No ratings yet
XML External Entity XXE Attack 1704716540
19 pages
Cross Site Scripting XSS Regex Bypass 1704538523
No ratings yet
Cross Site Scripting XSS Regex Bypass 1704538523
5 pages
The Top Hacker Methodologies & Tools Notes
No ratings yet
The Top Hacker Methodologies & Tools Notes
23 pages
IDOR
No ratings yet
IDOR
3 pages
?admin Panel Bypass Checklist?
100% (2)
?admin Panel Bypass Checklist?
3 pages
Rce Vulnerability Checklist
No ratings yet
Rce Vulnerability Checklist
2 pages
HTTP Desync Attack
No ratings yet
HTTP Desync Attack
18 pages
CORS Misconfiguration
No ratings yet
CORS Misconfiguration
14 pages
Pen Testing Tools Cheat Sheet
No ratings yet
Pen Testing Tools Cheat Sheet
39 pages
Reconnaissance - Phase-2
No ratings yet
Reconnaissance - Phase-2
9 pages
Business Logic Errors
No ratings yet
Business Logic Errors
8 pages
Information Disclosure Vulnerability
No ratings yet
Information Disclosure Vulnerability
8 pages
Web Logic Vulnerability
No ratings yet
Web Logic Vulnerability
57 pages
Public Information Gathering
100% (1)
Public Information Gathering
23 pages
CrackMapExec and NetExec Cheat Sheet
No ratings yet
CrackMapExec and NetExec Cheat Sheet
10 pages
Long Password DOS Attack
100% (1)
Long Password DOS Attack
6 pages

JSChecklist

Uploaded by

JSChecklist

Uploaded by

JS Checklist

DOM-based DOS can be induced if user-input lands in requestFileSystem() or

Client-side SQLi can exist if user-input lands in executeSql() (database is created

DOM-based link manipulation can be caused by one of the following sinks:

DOM-based javascript injection can be caused if arbitrary user-input ends in one

DOM-based local file-path manipulation can be induced by one of the following

DOM-based Ajax request-header manipulation can be caused by one of the

Follow @0xblackbird on Twitter for more like this!

You might also like