- Configuring your browser to work with Burp suite
First , on Burp suite make sure your configuration like the picture below, further you can edit port different 8080 default , example port 8081,…Second, on your browser (in this case I using firefox) follow link :Preferences > Advanced > Network > Settting
Config proxy like picture below
When you’ve configured your browser, visit any HTTP URL, and confirm that request in intercepted in Burp
This basic configuraion will let your browser work with Burp for many purposes.
To properly deal with websites that use HTTPS, you’ll need to carry out some further configuration.
Fore more details, see the tutorial on installing Burp’s SSL certificate in your browser follow link:
In this case I will do with firefox :
- Using Burp Suite Proxy
– Interceting requests and responses
Now , with Burp set up and running , visit any URL in your browser.The browser will wait for the response to complete
Here, we can see the HTTP service that the request is begin sent to, and full contents message.These tabs show different vies into the message , to help you analyze and mofiy its contents.
These buttons let you forword the message , or carry our other actions.
Forward: request is sent on to the server ( hot key : Ctrl + F)
If you want Itercept off, so that all messages forwarded automaticaly
– Using the proxy history
Burp proxy maintains a history of all requests and responses pass through it
When you select an item the table , the full request and response for that item are show below
Above the history table is a filter bar . Click on the bar to open the filters options
– Driving your testing workflow
The proxy tool lies at the heart of Burp’s user-driven workflow.
And you can choose the particular tasks .
– Key configuraiont options
You can add listeners on different ports and interfaces, redirect to different hosts, configure how the listener handles SSL certificates, and support invisible proxying for non-browsers clients
You can configure fine-grained rules to intercept just the request that you want to see.
The match and replace options let you define rules to automatically mofiy ports of request and response messages passing through the proxy
The miscellaneous options control some specific details of Bup’s behaviour