JSPanda – Client-Side Prototype Pullution Vulnerability Scanner
Source code analysis – Screenshot
Supporting Materials :
Something I've learned recently. When working on client-side Prototype Pollution bugs you can set a breakpoint on access to the property you want to pollute to get to the root cause. Video https://t.co/s5VpvlvLw8 and function to set breakpoint on access https://t.co/ZBUyRAuYaH
— harisec (@har1sec) October 9, 2020
https://github.com/BlackFan/client-side-prototype-pollution
https://github.com/ThePacketBender/notes/blob/01c0b834f6e3ee4d934b087b2d92c9e484dc2a50/web/prototype_pollution.txt
https://habr.com/ru/company/huawei/blog/547178/
https://infosecwriteups.com/javascript-prototype-pollution-practice-of-finding-and-exploitation-f97284333b2
https://github.com/securitum/research/tree/master/r2020_prototype-pollution
Learn Prototype Pollution in Series – Part 2
dwisiswant0/ppfuzz
GitHub – raverrr/plution: Prototype pollution scanner using headless chrome
JavaScript Prototype Poisoning Vulnerabilities in the Wild
The Complete Guide to Prototype Pollution Vulnerabilities
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.
