Tutorial - Xss - Setup and configure Dom Invader to find XSS

July 04, 2021

TLDR: As of this posting, Dom invader is part of the Early Adopter Program and has not been released to a public build yet. Help > Check for updates will not be enough to give you access to the brand new Dom Invader yet. You will need to download a version of Burp which includes the Dom Invader Browser Extension.


Setup up Burp Suite

Portswigger just announced their newest tool in Burp Suites Arsenal, Dom Invader. It a browser extension which they built into their Chromium Browser and is exclusive to Burp so far. If you are anything like me, you updated burp to the latest version, started following one of these amazing tutorials only to find that whenever you opened Burp Suite and launched the Browser, you were unable to see Dom Invader even though you had just upgraded to the newest version of Burp Suite.

Installing the correct version of Burp

With the release of v2021.2.1 back in February of 2021, Burp Pro users are able to get access to the latest features early as part of the Early Adopters Program. If you don’t have Burp Pro, fear not, it appears they allow both the community and pro versions to be downloaded! Simply follow this link to access the download. Install or upgrade burp as usual.

You are now ready to use Dom invader! Let us begin.