SoheilKhodayari/DOMClobbering external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SoheilKhodayari/DOMClobbering

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SoheilKhodayari/DOMClobbering)

Close

SoheilKhodayari / DOMClobberingView on GitHubMore

• External links
• Readme badge

DOM Clobbering Wiki, Browser Testing, and Payload Generation

☆61Dec 18, 2025Updated 4 months ago

Alternatives and similar repositories for DOMClobbering

Users that are interested in DOMClobbering are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• SoheilKhodayari / TheThing

  View on GitHub
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆57Oct 25, 2023Updated 2 years ago
• SoheilKhodayari / JAW

  View on GitHub
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆118Feb 13, 2026Updated 2 months ago
• splitline / DOM-Clobber3r

  View on GitHub
  Generate DOM clobbering attack vectors for you.
  ☆35Jun 3, 2025Updated 11 months ago
• masatokinugawa / css-exfiltration-svg-font

  View on GitHub
  ☆17Nov 28, 2021Updated 4 years ago
• cispa / xs-observations

  View on GitHub
  Code for our 2023 IEEE S&P Paper "The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web"
  ☆15Dec 12, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• yeswehack / Dom-Explorer

  View on GitHub
  ☆44Sep 21, 2025Updated 7 months ago
• aszx87410 / cdnjs-prototype-pollution

  View on GitHub
  Find all libraries on cdn.js that pollute your prototype
  ☆19Sep 1, 2022Updated 3 years ago
• mariussteffens / pmforce

  View on GitHub
  Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale
  ☆18May 17, 2021Updated 4 years ago
• francisconeves97 / jxscout-caido

  View on GitHub
  Caido plugin for jxscout
  ☆15Nov 22, 2025Updated 5 months ago
• Slonser / hui

  View on GitHub
  HTML Universal Identifier
  ☆68Dec 15, 2024Updated last year
• jackfromeast / TheHulk

  View on GitHub
  TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.
  ☆92Aug 25, 2025Updated 8 months ago
• aszx87410 / beyond-xss

  View on GitHub
  Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
  ☆176Mar 25, 2026Updated last month
• pixelindigo / yurascanner

  View on GitHub
  YuraScanner
  ☆78Feb 13, 2025Updated last year
• KTH-LangSec / server-side-prototype-pollution

  View on GitHub
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆230Feb 6, 2025Updated last year
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• Crusaders-of-Rust / corCTF-2022-public-challenge-archive

  View on GitHub
  public archive for corCTF 2022
  ☆37Aug 16, 2022Updated 3 years ago
• ubcctf / maple-ctf-2022-public

  View on GitHub
  Challenges and solutions for Maple CTF 2022.
  ☆28Sep 15, 2022Updated 3 years ago
• testable-eu / sast-tp-framework

  View on GitHub
  TP-Framework: Testability Pattern Framework for SAST
  ☆16May 10, 2024Updated last year
• matanber / postMessage-tracker

  View on GitHub
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆16Jul 17, 2024Updated last year
• oshp / oshp-stats

  View on GitHub
  Stats about HTTP response security headers usage mentioned by the OSHP.
  ☆16Jan 25, 2026Updated 3 months ago
• arkark / my-ctf-challenges

  View on GitHub
  CTF challenges I created 🚩
  ☆82Mar 7, 2026Updated last month
• arxenix / phpfuck

  View on GitHub
  phpfuck: using only 5 different characters to write and execute php // (^.9)
  ☆20Nov 26, 2021Updated 4 years ago
• DEVCORE-Wargame / HITCON-2023

  View on GitHub
  HITCON 2023 x DEVCORE Wargame
  ☆22Aug 24, 2023Updated 2 years ago
• neploxaudit / extensions

  View on GitHub
  🗂 Knowledge Base on the Security of Chromium Extensions (https://extensions.neplox.security)
  ☆21Jan 24, 2025Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• doyensec / r2pickledec

  View on GitHub
  Pickle decompiler plugin for Radare2
  ☆18Aug 6, 2023Updated 2 years ago
• brave / pagegraph-crawl

  View on GitHub
  Gather pagegraph data from all over the internet
  ☆32Updated this week
• kevin-mizu / bot-ctf-template

  View on GitHub
  ☆32Jan 31, 2026Updated 3 months ago
• eilvelia / ocaml-kdl

  View on GitHub
  OCaml implementation of the KDL Document Language
  ☆18Mar 29, 2026Updated last month
• GCC-ENSIBS / GCC-CTF-2024

  View on GitHub
  Challenges and write-ups for GCC-CTF 2024
  ☆19Mar 3, 2024Updated 2 years ago
• splitline / domain-obfuscator

  View on GitHub
  Make your domain weird, but still works :/
  ☆93Jan 4, 2023Updated 3 years ago
• wectf / 2022

  View on GitHub
  WeCTF 2022 Source Code & Organizer's Writeup
  ☆33Jun 12, 2022Updated 3 years ago
• jackfromeast / dom-clobbering-collection

  View on GitHub
  A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.
  ☆49Aug 31, 2025Updated 8 months ago
• acsc-org / acsc-challenges-2024-public

  View on GitHub
  Challenge repository for ACSC 2024
  ☆13Apr 2, 2024Updated 2 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• Nambers / python-audit_hook_head_finder

  View on GitHub
  PWNable pyjail
  ☆13Jan 13, 2025Updated last year
• orangetw / blog.orange.tw

  View on GitHub
  static sites for blog.orange.tw
  ☆22Dec 31, 2025Updated 4 months ago
• b-viguier / PhpFk

  View on GitHub
  Writing PHP with only 5 characters
  ☆39Mar 5, 2026Updated 2 months ago
• SECCON / SECCON2022_final_CTF

  View on GitHub
  ☆16Apr 12, 2023Updated 3 years ago
• splitline / Pickora

  View on GitHub
  A toy compiler that can convert Python scripts 🐍 to pickle bytecode 🥒
  ☆140Feb 20, 2023Updated 3 years ago
• doyensec / malicious-devfile-registry

  View on GitHub
  Exploit for CVE-2024-0402 in Gitlab
  ☆15Mar 18, 2025Updated last year
• Live-CTF / LiveCTF-DEFCON32

  View on GitHub
  LiveCTF challenges and infrastructure at DEFCON 32 CTF
  ☆22Aug 18, 2025Updated 8 months ago