From the OWASP Mutilliae II menu, select Login by navigating to OWASP 2013 | A3 - Cross Site Scripting (XSS) | Reflected (First Order) | Pen Test Tool Lookup:
Select a tool from the drop-down listing and click the Lookup Tool button. Any value from the drop-down list will work for this recipe:
Switch to Burp Proxy | HTTP history and find the HTTP message you just created by selecting the lookup tool. Note that in the request is a parameter called ToolID. In the following example, the value is 16:
Flip over to the Response ...
With Safari, you learn the way you learn best. Get unlimited access to videos, live online training,
learning paths, books, interactive tutorials, and more.