DOMInvader test cases
These testcases provide you with an easy way to confirm DOMInvader's tools.
- augmented-dom-click-location-replace
- augmented-dom-custom-sink-function
- augmented-dom-custom-sink-object
- augmented-dom-document-write
- augmented-dom-document-writeln
- augmented-dom-eval
- augmented-dom-eval-cookie
- augmented-dom-eval-location-hash
- augmented-dom-eval-scope
- augmented-dom-eval-urlsearchparameters
- augmented-dom-function
- augmented-dom-function-window-name
- augmented-dom-iframe-setattribute
- augmented-dom-iframe-src
- augmented-dom-iframe-srcdoc
- augmented-dom-iframe-srcdoc-nodevalue
- augmented-dom-iframe-srcdoc-textcontent
- augmented-dom-iframe-srcdoc-value
- augmented-dom-import-scripts
- augmented-dom-innerhtml
- augmented-dom-innerhtml-dom-clobbering
- augmented-dom-innertext
- augmented-dom-jquery
- augmented-dom-jquery-$
- augmented-dom-jquery-globaleval
- augmented-dom-jquery-wrap
- augmented-dom-keyup-location-assign
- augmented-dom-location-settimeout
- augmented-dom-navigation-navigate
- augmented-dom-pathname-document-write
- augmented-dom-performance-eval
- augmented-dom-script-append
- augmented-dom-script-appendchild
- augmented-dom-script-dom-clobbering
- augmented-dom-script-dom-clobbering-csp
- augmented-dom-script-innerhtml
- augmented-dom-script-innertext
- augmented-dom-script-text
- augmented-dom-script-text-src
- augmented-dom-script-textcontent
- augmented-dom-security-vulnerability
- augmented-dom-setinterval
- augmented-dom-settimeout
- augmented-dom-source-check
- augmented-dom-stack-filtering
- augmented-dom-xhr
- postmessage-2-eventlisteners
- postmessage-cross-domain-secrets
- postmessage-cross-domain-secrets-json-object
- postmessage-cross-domain-secrets-json-string
- postmessage-dos
- postmessage-dos-interesting-sink
- postmessage-eval
- postmessage-eval-endswith
- postmessage-eval-iframe
- postmessage-eval-iframe-multiple
- postmessage-eval-iframe-source-validation
- postmessage-eval-iframe-source-validation-nested
- postmessage-eval-remove-event-listener
- postmessage-eval-sandboxed-iframe
- postmessage-eval-startswith
- postmessage-inner-html-json
- postmessage-inner-html-json-encoded
- postmessage-inner-html-json-use-strict
- postmessage-inner-html-object
- postmessage-innerhtml
- postmessage-json-insertadjacenthtml
- postmessage-json-insertadjacenthtml-followup
- postmessage-json-object-iframe-interesting-url
- postmessage-json-object-iframe-srcdoc
- postmessage-json-object-iframe-srcdoc-large-structure
- postmessage-location-redirection
- postmessage-performance-eval
- postmessage-stack-filtering
- postmessage-stack-filtering-dos