Overview
JAW is a scalable static-dynamic framework for analyzing JavaScript programs to detect client-side vulnerabilities.
Features:
- Chromium-based crawler(s) enhanced with DevTools Protocol and Browser Extensions APIs
- Can collect webpages, scripts, events, DOM snapshots, network messages, web storage values, and cookies
- Implementation of hybrid Code Property Graphs (HPGs) for JavaScript
- Interactive detection or automatic exploration of vulnerable program behaviours
- Declarative Cypher queries
- ORM support with Python
- Self-contained, built-in queries to detect client-side CSRF, Request Hijacking and DOM Clobbering vulnerabilities
- Design and perform custom security-related program analyses:
  - Data flow analysis between pre-defined JavaScript sources and sinks
  - Control flow and reachability analysis
  - Resolution of DOM query selectors leveraging DOM snapshots
  - Pattern matching via the Abstract Syntax Tree (AST)