DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities. It allows you to upload your HTML, JavaScript, and CSS files to scan for potential vulnerabilities. The tool provides a detailed report of the findings, including the vulnerable code snippets and recommendations for remediation.
FEATURES
ALTERNATIVES
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
An API security and monitoring platform that automatically discovers, validates, and protects API endpoints while providing comprehensive management and analytics capabilities.
This article discusses the different types of remote timing attacks and provides defense strategies against them.
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
Instrumentation-based approach for resolving reflective calls in Android apps.
Curiefense is an application security platform that protects against various threats and offers community involvement.
Automatically redirect users from www to non-www for a secure connection.
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
PINNED

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.