Dom Invader is tool offered by Burp suite it is basically a browser extension that comes with burp browser and help in identifying interesting sink and to exploit the vulnerability. To find DOM xss we need to understand and read thousand line of JS code to understand the flow of the Input data and here comes the DOM invader tools that tracks the input data in JS and gives as the possible sink that is reflecting back the input data on the page page. there are some more great feature along the identifying sinks.

Key Feature

• Testing for DOM XSS: Invader allows to identify controllable source and sinks along the how our data is being reflected and getting sanitized, it also provide us payload to test sometime provided payload works otherwise need to balance the payload to make it work
• Log modifying and resend web message. basically it works as burp suite where we can track the web messages and same as burp repeater here we can resend the web message after making changes on data or origin.
• Detect sources for Client side prototype pollution
• Detect DOM clobbering Vulnerability

Testing DOM XSS with DOM Invader

Finding Sources and sinks to exploit DOM based xss can be hard because we need to understand thousand lines of code and understand the flow of our data to find the vulnerability so it takes lot of hard work and it is time consuming process, so to overcome this we can use DOM invader where this tool keep tracking our input data and if our data is being reflected anywhere or it find the possible sink that we can exploit then it will show us that.

We do this by Injecting Canary on the parameter

• Go to Dev tool ( Inspect ) then DOM Invader tab
• Copy canary token from there
• Paste that canary token into the Input field
• DOM Invader will look into the flow of data and show as interesting sinks

Then look for sink and reflection of data analyze reflection and balanced your payload and get your XSS