Testing for DOM clobbering with DOM Invader
Last updated: January 27, 2023
Read time: 1 Minute
Web Security Academy
For more information about DOM clobbering, as well as some interactive, deliberately vulnerable labs, check out the related topic on the Web Security Academy.DOM clobbering
Enabling DOM clobbering
To avoid interfering with your target site's functionality, DOM clobbering is disabled by default. To enable these checks:
Go to the DOM Invader settings menu.
Under Attack types, toggle the switch so that DOM clobbering is on.
Click Reload to refresh the browser. This is necessary for your changes to take effect.
DOM Invader now scans for DOM clobbering vulnerabilities as you browse.
Was this article helpful?
An error occurred, please try again.