This repository has three main components, MutaGen, the testbed and the orchestration framework.
Contains the generator for mutation prone HTML fragments as well as some analysis tools.
Contains the different sanitizer runner
Provides the environment to run your desired configuration neatly packages in a docker-compose project.
If you find this repository useful or are using any of it for your research, please cite us.
@inproceedings{KleJoh24,
author = {Klein, David and Johns, Martin},
booktitle = {45th IEEE Symposium on Security and Privacy},
title = {{Parse Me, Baby, One More Time: Bypassing HTML Sanitizer via Parsing Differentials}},
year = {2024},
month = {may},
note = {to appear}
}