Collaborator feature to exfiltrate data
Currently the collaborator it allow only to understand if a specific request generate an interaction with the collaborator on own payload. It would be very useful to add a feature to show in burp also exfiltrated data.
For example, a normal collaborator DNS request is:
Having the possibility to add data like will help tester, for example:
Currently this king of request isn't shown inside burp because the hostname doesn't match with the one that has been generated.
Sure, that works at a technical level. If you are using this techniques, you should be using a private Collaborator server. The license agreement with the public collaborator forbids use for exploitation and exfiltration.
There is an extension extension that does similar:- https://github.com/NetSPI/BurpCollaboratorDNSTunnel
Please let us know if you need any further assistance.