Our two time speaker @shreeraj just released two tools at #blackhat
DOMScan is utility to drive IE and capture real time DOM from the browser. It gives access to active DOM context along with JavaScripts. One can observe the DOM in detail using this utility. It has predefined rules to scan DOM. One can run the scan on existing DOM and fetch interesting entry points and calls. It allows tracing through JavaScript variables as well. Using this utility one can identify following vulnerabilities.
• DOM based XSS
• DOM based vulnerable calls
• Source of abuse and external content loading methods
• Possible DOM logic and business layer calls
• Same Origin Bypass calls and usage
• Mashup usage inside DOM
• Widget Architecture review using the toolDOMTracer - The DOM as seen in all the aforementioned cases needs to be analyzed in many aspects. Run-time analysis of the DOM/JavaScript is vital and aids one to look at the calls made during the ‘dynamic DOM manipulation’. The DOMTracer is a Firefox Extension for this same purpose. It has been written using the standard method of writing extensions using the XUL platform and the JavaScript language in majority. This is in beta and we are working on new features.
To download, go to http://blueinfy.com/tools.html
