Let's perform the following steps:
- We open up Burp and switch to the Extender tab:
![](/api/v2/epubs/9781789952308/files/assets/7b61b430-5418-4fa6-b1cf-1aaa3ab38967.png)
We then install the XSS Validator extender:
![](/api/v2/epubs/9781789952308/files/assets/e437379c-781c-4268-8e5d-18856e2bfaac.png)
- Once the installation is done, we will see a new tab in the Burp window titled xssValidator:
![](/api/v2/epubs/9781789952308/files/assets/948b6495-b430-49fe-b7f7-9e8e81474ed9.png)
- Once the servers are running, we head back to the Burp window. In the XSS Validator tab on the right, we will see a list of payloads the extender will test on request. We can manually enter our own payloads ...