DOM XSS Finder
Client-Side Flow Analysis
DOM-based XSS is invisible to server-side scanners. This tool analyzes client-side JavaScript to identify dangerous data flows from user inputs (sources) to execution functions (sinks) like innerHTML or eval.
Analysis: Static Taint Analysis
Targets: React, Vue, Vanilla JS
Source Analysis
// Source: location.hash
// Sink: innerHTML
function trackUser() {
  // [Danger] Direct flow from URL hash to HTML
  var unsafe = decodeURIComponent(window.location.hash);
  // Sink
  document.getElementById('welcome').innerHTML = unsafe;
}
// Exploit Vector:
// https://site.com#<img src=x onerror=alert(1)>

Key Features
1. Sink Detection: Identifies dangerous functions like dangerouslySetInnerHTML, eval(), and document.write().
2. Taint Analysis: Traces data flow from URL parameters and inputs to dangerous sinks.
3. Framework Support: Detects specific patterns in React, Vue, and Angular applications.
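Added example, not DOM XSS Finder's own code, showing the source-to-sink taint tracking that the trackUser() sample and the Taint Analysis feature describe: a minimal line-oriented tracker run over the page's vulnerable function and over a hardened copy that writes textContent instead of markup. The names SOURCES, SINKS, mentions and findDomXssFlows are assumptions of this example.

```javascript
// Added example (not DOM XSS Finder's own code): a small line-oriented taint
// tracker for straight-line JavaScript. It propagates taint through simple
// assignments only; branches, calls and aliasing are out of scope.
const SOURCES = ['location.hash', 'location.search', 'location.href',
  'document.referrer', 'window.name'];
const SINKS = ['innerHTML', 'outerHTML', 'insertAdjacentHTML',
  'document.write', 'eval', 'dangerouslySetInnerHTML'];

// True when `name` appears in `line` as a whole token (not inside a longer
// identifier such as "retrieval" for "eval").
const mentions = (line, name) =>
  new RegExp(`(^|[^\\w$])${name.replace(/\./g, '\\.')}(?![\\w$])`).test(line);

// Returns [{line, source, sink}] for every statement in which data derived
// from a source reaches a sink. `tainted` maps variable name -> source.
function findDomXssFlows(code) {
  const findings = [];
  const tainted = new Map();
  code.split('\n').forEach((raw, i) => {
    const line = raw.replace(/\/\/.*$/, '').trim(); // ignore // comments
    if (!line) return;
    const src = SOURCES.find(s => mentions(line, s));
    const viaVar = [...tainted.keys()].find(v => mentions(line, v));
    const origin = src || (viaVar ? tainted.get(viaVar) : null);
    if (!origin) return; // statement reads nothing attacker-controlled
    const sink = SINKS.find(s => mentions(line, s));
    // `var x = ...` / `x = ...` (but not `==`) propagates taint to x.
    const decl = line.match(/^(?:(?:var|let|const)\s+)?([A-Za-z_]\w*)\s*=[^=]/);
    if (sink) findings.push({ line: i + 1, source: origin, sink });
    else if (decl) tainted.set(decl[1], origin);
  });
  return findings;
}

// Constructed input: the page's vulnerable trackUser(), and a hardened twin
// that assigns to textContent so the hash is rendered as text, not markup.
const VULNERABLE = `
function trackUser() {
  var unsafe = decodeURIComponent(window.location.hash);
  document.getElementById('welcome').innerHTML = unsafe;
}`;
const HARDENED = VULNERABLE.replace('.innerHTML', '.textContent');

console.log(findDomXssFlows(VULNERABLE)); // one finding: location.hash -> innerHTML
console.log(findDomXssFlows(HARDENED));   // []
```

The tracker reports the vulnerable function's line 4 flow and nothing for the hardened copy; a real tool has to parse an AST and follow calls, which this deliberately does not.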
Ready to try DOM XSS Finder?
Start using this tool in seconds. No credit card required.