SoheilKhodayari/DOMClobbering external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SoheilKhodayari/DOMClobbering

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SoheilKhodayari/DOMClobbering)

Close

SoheilKhodayari / DOMClobberingView on GitHubMore

• External links
• Readme badge

DOM Clobbering Wiki, Browser Testing, and Payload Generation

☆61Dec 18, 2025Updated 5 months ago

Alternatives and similar repositories for DOMClobbering

Users that are interested in DOMClobbering are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• SoheilKhodayari / TheThing

  View on GitHub
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆57Oct 25, 2023Updated 2 years ago
• SoheilKhodayari / JAW

  View on GitHub
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆118Feb 13, 2026Updated 3 months ago
• splitline / DOM-Clobber3r

  View on GitHub
  Generate DOM clobbering attack vectors for you.
  ☆35Jun 3, 2025Updated 11 months ago
• masatokinugawa / css-exfiltration-svg-font

  View on GitHub
  ☆17Nov 28, 2021Updated 4 years ago
• cispa / xs-observations

  View on GitHub
  Code for our 2023 IEEE S&P Paper "The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web"
  ☆15Dec 12, 2024Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• yeswehack / Dom-Explorer

  View on GitHub
  ☆44Sep 21, 2025Updated 8 months ago
• mariussteffens / pmforce

  View on GitHub
  Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale
  ☆18May 17, 2021Updated 5 years ago
• francisconeves97 / jxscout-caido

  View on GitHub
  Caido plugin for jxscout
  ☆15May 11, 2026Updated 2 weeks ago
• Slonser / hui

  View on GitHub
  HTML Universal Identifier
  ☆68Dec 15, 2024Updated last year
• jackfromeast / TheHulk

  View on GitHub
  TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.
  ☆94Aug 25, 2025Updated 9 months ago
• aszx87410 / beyond-xss

  View on GitHub
  Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
  ☆177Mar 25, 2026Updated 2 months ago
• pixelindigo / yurascanner

  View on GitHub
  YuraScanner
  ☆80Feb 13, 2025Updated last year
• KTH-LangSec / server-side-prototype-pollution

  View on GitHub
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆230Feb 6, 2025Updated last year
• Crusaders-of-Rust / corCTF-2022-public-challenge-archive

  View on GitHub
  public archive for corCTF 2022
  ☆37Aug 16, 2022Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• ubcctf / maple-ctf-2022-public

  View on GitHub
  Challenges and solutions for Maple CTF 2022.
  ☆28Sep 15, 2022Updated 3 years ago
• matanber / postMessage-tracker

  View on GitHub
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆16Jul 17, 2024Updated last year
• oshp / oshp-stats

  View on GitHub
  Stats about HTTP response security headers usage mentioned by the OSHP.
  ☆16Jan 25, 2026Updated 4 months ago
• arxenix / phpfuck

  View on GitHub
  phpfuck: using only 5 different characters to write and execute php // (^.9)
  ☆20Nov 26, 2021Updated 4 years ago
• arkark / my-ctf-challenges

  View on GitHub
  CTF challenges I created 🚩
  ☆83Mar 7, 2026Updated 2 months ago
• LavaMoat / LavaDome

  View on GitHub
  Secure DOM trees isolation and encapsulation leveraging ShadowDOM
  ☆37Feb 17, 2025Updated last year
• DEVCORE-Wargame / HITCON-2023

  View on GitHub
  HITCON 2023 x DEVCORE Wargame
  ☆22Aug 24, 2023Updated 2 years ago
• neploxaudit / extensions

  View on GitHub
  🗂 Knowledge Base on the Security of Chromium Extensions (https://extensions.neplox.security)
  ☆21Jan 24, 2025Updated last year
• doyensec / r2pickledec

  View on GitHub
  Pickle decompiler plugin for Radare2
  ☆18Aug 6, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• brave / pagegraph-crawl

  View on GitHub
  Gather pagegraph data from all over the internet
  ☆32May 20, 2026Updated last week
• kevin-mizu / bot-ctf-template

  View on GitHub
  ☆33Jan 31, 2026Updated 3 months ago
• splitline / domain-obfuscator

  View on GitHub
  Make your domain weird, but still works :/
  ☆93Jan 4, 2023Updated 3 years ago
• wectf / 2022

  View on GitHub
  WeCTF 2022 Source Code & Organizer's Writeup
  ☆33Jun 12, 2022Updated 3 years ago
• weizman / ProtoTree

  View on GitHub
  Use ProtoTree to visually view the entire javascript prototype chain as a tree!
  ☆11Mar 3, 2024Updated 2 years ago
• jackfromeast / dom-clobbering-collection

  View on GitHub
  A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.
  ☆50Aug 31, 2025Updated 8 months ago
• zcorpan / html-parser-book

  View on GitHub
  Idiosyncracies of the HTML parser
  ☆41Oct 17, 2024Updated last year
• SECCON / SECCON2023_final_CTF

  View on GitHub
  ☆12Jan 10, 2024Updated 2 years ago
• acsc-org / acsc-challenges-2024-public

  View on GitHub
  Challenge repository for ACSC 2024
  ☆13Apr 2, 2024Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Nambers / python-audit_hook_head_finder

  View on GitHub
  PWNable pyjail
  ☆13Jan 13, 2025Updated last year
• orangetw / blog.orange.tw

  View on GitHub
  static sites for blog.orange.tw
  ☆22Dec 31, 2025Updated 4 months ago
• b-viguier / PhpFk

  View on GitHub
  Writing PHP with only 5 characters
  ☆38Mar 5, 2026Updated 2 months ago
• SECCON / SECCON2022_final_CTF

  View on GitHub
  ☆16Apr 12, 2023Updated 3 years ago
• kumavis / react-compartment

  View on GitHub
  ☆11Dec 27, 2023Updated 2 years ago
• AdnaneKhan / ActionsTOCTOU

  View on GitHub
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆41Jan 25, 2026Updated 4 months ago
• splitline / Pickora

  View on GitHub
  A toy compiler that can convert Python scripts 🐍 to pickle bytecode 🥒
  ☆140Feb 20, 2023Updated 3 years ago