DOM-XSS Scanner Checks for Burp Suite
This Burp Suite plugin passively scans for DOM-Based Cross-Site Scripting. It is written completely in Java and takes advantage of the new Burp 1.5.x Extender API.
In addition, it attempts to parse out variables named in sources and match them up to sinks in order to set the confidence of each finding.
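The source-to-sink matching described above can be sketched as follows; this is an added example, not the plugin's own code (which is Java and not published on this page). The source and sink pattern lists, the function names `scanScript` and `usesAny`, and the mapping onto Burp's "Firm" and "Tentative" confidence labels are all assumptions made for illustration.

```javascript
// Added illustration, not the plugin's code. Pattern lists are a small assumed subset.
const SOURCE = /\b(?:location\.(?:hash|search|href)|document\.(?:URL|documentURI|referrer)|window\.name)\b/;
const SINK = /\beval\s*\(|\bdocument\.write(?:ln)?\s*\(|\.(?:inner|outer)HTML\s*=(?!=)|\bset(?:Timeout|Interval)\s*\(/;
// Simple assignment at the start of a statement: [var|let|const] name = expression
const ASSIGN = /^(?:(?:var|let|const)\s+)?([A-Za-z_$][\w$]*)\s*=(?!=)\s*(.+)$/;

// Return the first name in `names` used as a standalone identifier in `text`, else null.
function usesAny(text, names) {
  for (const name of names) {
    const re = new RegExp("(?:^|[^\\w$.])" + name.replace(/\$/g, "\\$") + "(?![\\w$])");
    if (re.test(text)) return name;
  }
  return null;
}

function scanScript(body) {
  // Crude statement split; adequate for a passive heuristic, not a JavaScript parser.
  const statements = body.split(/[;\n]/).map((s) => s.trim()).filter(Boolean);
  const tainted = new Set();
  let sawSource = false;
  // Pass 1: record variables assigned from a source, or from an already tainted variable.
  for (const stmt of statements) {
    if (SOURCE.test(stmt)) sawSource = true;
    const m = ASSIGN.exec(stmt);
    if (m && (SOURCE.test(m[2]) || usesAny(m[2], tainted))) tainted.add(m[1]);
  }
  // Pass 2: for each sink statement, check whether a source or tainted variable reaches it.
  const sinks = [];
  for (const stmt of statements) {
    if (!SINK.test(stmt)) continue;
    const via = SOURCE.test(stmt) ? "direct source" : usesAny(stmt, tainted);
    sinks.push({ statement: stmt, via });
  }
  // Assumed mapping onto Burp's confidence labels; the plugin's real rules may differ.
  let confidence = null; // nothing worth reporting
  if (sinks.some((s) => s.via)) confidence = "Firm";
  else if (sinks.length > 0 && sawSource) confidence = "Tentative";
  return { confidence, sinks, tainted: [...tainted] };
}

// Constructed sample response body.
const SAMPLE = [
  "var q = location.hash.slice(1);",
  'var msg = "Hello " + q;',
  'document.getElementById("out").innerHTML = msg;',
].join("\n");
console.log(scanScript(SAMPLE));
```

Because the matching is textual, a source that reaches a sink through a function argument or object property is only reported as "Tentative", which is the kind of case where false negatives and low-confidence findings are to be expected.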
I'd be interested in any feedback, including false positives, and especially false negatives. If you find any, please contact me.
Download binary. Source code to be released at a later date.
Burp Suite 1.5.x required for use.