Introducing DOM invader - A new tool within Burp Suite

  • Published: 11 Sep 2024

Comments • 31

  • @-bubby9633 3 years ago +4

    Absolutely fantastic! Finally an easy to use and easy to understand visual tool for finding DOM XSS.

  • @haydene3802 3 years ago

    The build poc feature is amazing. Thank you

  • @almokhtar1844 3 years ago

    Really, thank you for the nice and easy to understand explanation.

  • @EmilyAnn 3 years ago

    awesome!! super excited for this! thanks for the very informative video!

  • @slaxblake 3 years ago +1

    I have the latest Burp Suite Pro version but I don't see the "DOM Invader" tab, I just see the record tab.

  • @itsignacioportal1728 2 years ago +1

    Incredible work! As always. But consider making the text bigger for future demos. 6px tall text is not easy to read

    • @gazheyes 2 years ago +2

      Sorry about that, I’ll try and make sure future videos are more readable. Thanks

  • @GoatSniff 3 years ago +4

    Looks amazing, I was using FileDescriptor's "Untrusted Types" extension for some time.
    Any chance this will make its way into a standalone browser extension so we don't need to use the Burp Suite embedded browser? I have a few other plugins in Chrome that I use during bug hunts that I'd rather not lose functionality of, plus the embedded browser runs very poorly on M1 Macs, especially anything dev tools related. I think the version of Chromium used might not be running natively on M1 Macs and instead uses Rosetta :(. Is there a plan for a standalone browser extension not built into the embedded browser?

    • @EmilyAnn 3 years ago

      Zero chance.
      I have an M1 Mac and the embedded browser works seamlessly.
      There's zero chance they'd make a standalone browser extension. That's not their business. You have 2 options: install those plugins in the embedded browser or use Chrome to do those limited checks you want to do with whatever crap Chrome plugins you're using... can't honestly think of any that can do something Burp can't.

    • @GoatSniff 3 years ago +2

      @EmilyAnn Not sure why you're so aggressive about my question?
      Firstly, I'm glad to hear chromium running through Rosetta is fast enough for you, but it isn't for me.
      Second, I don't know why you say there's "zero chance", there are plenty of releases PortSwigger have made for the community that aren't directly related to bringing in revenue. I wasn't aware you were leading up PortSwigger's business strategies.
      Third, I have no idea why you're calling the Untrusted Types plugin "crap", and you might want to look up some of FileDescriptor's work before you badmouth a plugin that DOM invader likely took influence from in the first place. It's a great plugin but I agree DOM invader is even nicer, hence the reason for asking my question in the first place.

  • @hackingismylife2167 3 years ago +1

    Absolutely nice your site I like it

  • @angkanchanda1801 2 years ago

    got to use this more often.

  • @shrimantmore7765 2 years ago

    Nice, but I could barely see anything. It would be great if you could increase the font size for burp suite and browser and other tabs

  • @gurudattchoudhary 11 months ago

    My browser is not showing this extension, not even in the extension options. How do I download it? How can I do it?

  • @waliulahmed9582 3 years ago

    This is soo cool.

  • @Stas1983ful 2 years ago

    All works, but the Inject URL button adds the canary to the URL, but the plugin doesn't catch the vulnerability :(

  • @Umar0x01 2 years ago

    Thanks!

  • @indiantechnical69 3 years ago

    Superb😍😍

  • @takeshikovacs667 3 years ago +1

    It would be nice to have video timestamps.

  • @formularyzer 2 years ago

    How do I get hold of outer HTML payloads?

    • @gazheyes4894 2 years ago

      At the moment you have to inspect the desired element using devtools. We plan to show the outerHTML in the augmented DOM in future.

  • @pt5235 3 years ago

    Brilliant! I was using the Tracy extension for this purpose but it's a bit buggy and definitely not that powerful!

    • @EmilyAnn 3 years ago

      me too. This tool will be awesome

  • @Alex-xb8yo 10 months ago

    thanks, but please make the font bigger next time

  • @sarcasmco1155 3 years ago

    How to find the extension!! I updated but did not find it, just the recorder there! Thanks

    • @Alex-td4jt 3 years ago

      Have you followed the guide? portswigger.net/blog/introducing-dom-invader You need to be on the Early Adopter channel, and it is within the Burp Container Extension

  • @hahwul 3 years ago

    A w e s o m e 😄

  • @shuvamadhikari2662 3 years ago

  • @cravenmoorehead5657 1 year ago

    Yes dom daddy