Testing Blind XSS Payloads

Get the payloads list and load it up!

git clone https://github.com/rocketscientist911/webpayloads.git

Intruder is kinda cumbersome with burpcollaborator to test as we do not know which payload has actually worked!

For this very reason we will be using bountyburp plugin.

Now, scan with extensions only option…