SoheilKhodayari/DOMClobbering external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SoheilKhodayari/DOMClobbering

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SoheilKhodayari/DOMClobbering)

Close

SoheilKhodayari / DOMClobberingView on GitHubMore

• External links
• Readme badge

DOM Clobbering Wiki, Browser Testing, and Payload Generation

☆61Dec 18, 2025Updated 3 months ago

Alternatives and similar repositories for DOMClobbering

Users that are interested in DOMClobbering are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• SoheilKhodayari / TheThing

  View on GitHub
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆57Oct 25, 2023Updated 2 years ago
• SoheilKhodayari / JAW

  View on GitHub
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆119Feb 13, 2026Updated last month
• splitline / DOM-Clobber3r

  View on GitHub
  Generate DOM clobbering attack vectors for you.
  ☆35Jun 3, 2025Updated 9 months ago
• masatokinugawa / css-exfiltration-svg-font

  View on GitHub
  ☆17Nov 28, 2021Updated 4 years ago
• cispa / xs-observations

  View on GitHub
  Code for our 2023 IEEE S&P Paper "The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web"
  ☆14Dec 12, 2024Updated last year
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• yeswehack / Dom-Explorer

  View on GitHub
  ☆40Sep 21, 2025Updated 6 months ago
• aszx87410 / cdnjs-prototype-pollution

  View on GitHub
  Find all libraries on cdn.js that pollute your prototype
  ☆19Sep 1, 2022Updated 3 years ago
• mariussteffens / pmforce

  View on GitHub
  Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale
  ☆18May 17, 2021Updated 4 years ago
• Slonser / hui

  View on GitHub
  HTML Universal Identifier
  ☆65Dec 15, 2024Updated last year
• jackfromeast / TheHulk

  View on GitHub
  TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.
  ☆91Aug 25, 2025Updated 7 months ago
• aszx87410 / beyond-xss

  View on GitHub
  Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
  ☆177Oct 27, 2025Updated 4 months ago
• pixelindigo / yurascanner

  View on GitHub
  YuraScanner
  ☆73Feb 13, 2025Updated last year
• KTH-LangSec / server-side-prototype-pollution

  View on GitHub
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆228Feb 6, 2025Updated last year
• Crusaders-of-Rust / corCTF-2022-public-challenge-archive

  View on GitHub
  public archive for corCTF 2022
  ☆37Aug 16, 2022Updated 3 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• ubcctf / maple-ctf-2022-public

  View on GitHub
  Challenges and solutions for Maple CTF 2022.
  ☆28Sep 15, 2022Updated 3 years ago
• matanber / postMessage-tracker

  View on GitHub
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆16Jul 17, 2024Updated last year
• oshp / oshp-stats

  View on GitHub
  Stats about HTTP response security headers usage mentioned by the OSHP.
  ☆17Jan 25, 2026Updated 2 months ago
• arkark / my-ctf-challenges

  View on GitHub
  CTF challenges I created 🚩
  ☆80Mar 7, 2026Updated 2 weeks ago
• arxenix / phpfuck

  View on GitHub
  phpfuck: using only 5 different characters to write and execute php // (^.9)
  ☆20Nov 26, 2021Updated 4 years ago
• DEVCORE-Wargame / HITCON-2023

  View on GitHub
  HITCON 2023 x DEVCORE Wargame
  ☆22Aug 24, 2023Updated 2 years ago
• neploxaudit / extensions

  View on GitHub
  🗂 Knowledge Base on the Security of Chromium Extensions (https://extensions.neplox.security)
  ☆21Jan 24, 2025Updated last year
• sigpwny / UIUCTF-2024-Public

  View on GitHub
  Monorepo for challenges, infra, and theming for UIUCTF 2024 (https://2024.uiuc.tf/)
  ☆17Jul 14, 2024Updated last year
• doyensec / r2pickledec

  View on GitHub
  Pickle decompiler plugin for Radare2
  ☆18Aug 6, 2023Updated 2 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• eilvelia / ocaml-kdl

  View on GitHub
  OCaml implementation of the KDL Document Language
  ☆16Mar 12, 2026Updated 2 weeks ago
• GCC-ENSIBS / GCC-CTF-2024

  View on GitHub
  Challenges and write-ups for GCC-CTF 2024
  ☆19Mar 3, 2024Updated 2 years ago
• splitline / domain-obfuscator

  View on GitHub
  Make your domain weird, but still works :/
  ☆93Jan 4, 2023Updated 3 years ago
• wectf / 2022

  View on GitHub
  WeCTF 2022 Source Code & Organizer's Writeup
  ☆31Jun 12, 2022Updated 3 years ago
• jackfromeast / dom-clobbering-collection

  View on GitHub
  A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.
  ☆48Aug 31, 2025Updated 6 months ago
• zcorpan / html-parser-book

  View on GitHub
  Idiosyncracies of the HTML parser
  ☆41Oct 17, 2024Updated last year
• SECCON / SECCON2023_final_CTF

  View on GitHub
  ☆12Jan 10, 2024Updated 2 years ago
• acsc-org / acsc-challenges-2024-public

  View on GitHub
  Challenge repository for ACSC 2024
  ☆13Apr 2, 2024Updated last year
• Nambers / python-audit_hook_head_finder

  View on GitHub
  PWNable pyjail
  ☆13Jan 13, 2025Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• orangetw / blog.orange.tw

  View on GitHub
  static sites for blog.orange.tw
  ☆23Dec 31, 2025Updated 2 months ago
• b-viguier / PhpFk

  View on GitHub
  Writing PHP with only 5 characters
  ☆39Mar 5, 2026Updated 3 weeks ago
• ahmedhamdy0x / bwapp-Installation

  View on GitHub
  Installation guide for bWAPP on Kali Linux, Ubuntu, and Windows.
  ☆13Sep 23, 2024Updated last year
• SECCON / SECCON2022_final_CTF

  View on GitHub
  ☆16Apr 12, 2023Updated 2 years ago
• AdnaneKhan / ActionsTOCTOU

  View on GitHub
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆36Jan 25, 2026Updated 2 months ago
• splitline / Pickora

  View on GitHub
  A toy compiler that can convert Python scripts 🐍 to pickle bytecode 🥒
  ☆140Feb 20, 2023Updated 3 years ago
• doyensec / malicious-devfile-registry

  View on GitHub
  Exploit for CVE-2024-0402 in Gitlab
  ☆15Mar 18, 2025Updated last year