[Burp Suite] Using Burp Proxy – All things in moderation

[Burp Suite] Using Burp Proxy

  1. Configuring your browser to work with Burp Suite
    First, in Burp Suite, make sure your configuration matches the picture below. You can also change the port from the default 8080 to a different one, for example port 8081, …
    Screenshot (149)
    Second, in your browser (in this case I am using Firefox), go to Preferences > Advanced > Network > Settings.
    Configure the proxy as in the picture below.

    Screenshot (152)

    When you’ve configured your browser, visit any HTTP URL and confirm that the request is intercepted in Burp.
    Screenshot (154)
    This basic configuration will let your browser work with Burp for many purposes.

    To properly deal with websites that use HTTPS, you’ll need to carry out some further configuration.

    For more details, see the tutorial on installing Burp’s SSL certificate in your browser at the following link:

    https://support.portswigger.net/customer/portal/articles/1783075-installing-burp-s-ca-certificate-in-your-browser

    In this case I will do it with Firefox:

    https://support.portswigger.net/customer/portal/articles/1783087-Installing_Installing%20CA%20Certificate%20-%20FF.html

  2. Using Burp Suite Proxy
    Intercepting requests and responses
    Now, with Burp set up and running, visit any URL in your browser. Burp intercepts the request, and the browser will wait for the response to complete.
    Screenshot (154)
    Here, we can see the HTTP service that the request is being sent to, and the full contents of the message. These tabs show different views into the message, to help you analyze and modify its contents.

    These buttons let you forward the message, or carry out other actions.

    Screenshot (156)
    Forward: the request is sent on to the server (hot key: Ctrl + F).

    If you want, you can turn Intercept off so that all messages are forwarded automatically.

    Using the proxy history

    burpsuite proxy

    Burp Proxy maintains a history of all requests and responses that pass through it.

    When you select an item in the table, the full request and response for that item are shown below.

    Above the history table is a filter bar. Click on the bar to open the filter options.

    Driving your testing workflow

    Screenshot (160)
    The proxy tool lies at the heart of Burp’s user-driven workflow.

    And you can choose particular tasks.

    Key configuration options

    Screenshot (161)
    You can add listeners on different ports and interfaces, redirect to different hosts, configure how the listener handles SSL certificates, and support invisible proxying for non-browser clients.

    Screenshot (162)
    You can configure fine-grained rules to intercept just the requests that you want to see.

    Screenshot (163)
    The match and replace options let you define rules to automatically modify parts of request and response messages passing through the proxy.
    Screenshot (164)
    The miscellaneous options control some specific details of Burp’s behaviour.
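
Added example, not part of the original post: a small Python probe for the check in step 1 (is the proxy listener reachable?) and the behaviour described in step 2 (an intercepted request waits until it is forwarded). It assumes the default listener on 127.0.0.1:8080 from the text; the function name `probe_proxy`, the User-Agent string and the example.com URL are constructed for illustration.

```python
import socket
from urllib.parse import urlsplit

def probe_proxy(target_url="http://example.com/", host="127.0.0.1", port=8080, wait=3.0):
    """Send one proxy-style GET to the listener and classify the outcome.

    Returns (state, detail), where state is one of:
      "no-listener": nothing accepted the connection (wrong port, Burp not running)
      "held":        connected, but no response within `wait` seconds, which is
                     what a request sitting in the Intercept tab looks like
      "closed":      the listener closed the connection without answering
      "forwarded":   a response came back; detail is its status line
    """
    # A client talking to a proxy puts the full URL in the request line
    # (absolute-form) instead of only the path.
    request = (
        f"GET {target_url} HTTP/1.1\r\n"
        f"Host: {urlsplit(target_url).netloc}\r\n"
        "User-Agent: proxy-probe-example\r\n"  # constructed value
        "Connection: close\r\n\r\n"
    ).encode("ascii")
    try:
        sock = socket.create_connection((host, port), timeout=wait)
    except OSError as exc:
        return "no-listener", str(exc)
    data = b""
    with sock:
        try:
            sock.sendall(request)
            while b"\r\n" not in data:
                chunk = sock.recv(4096)
                if not chunk:
                    break
                data += chunk
        except socket.timeout:
            return "held", "no response yet; look in the Intercept tab and press Forward"
        except OSError as exc:
            return "closed", str(exc)
    if b"\r\n" not in data:
        return "closed", "connection ended before a status line arrived"
    return "forwarded", data.split(b"\r\n", 1)[0].decode("latin-1")

if __name__ == "__main__":
    # Defaults assume the listener from step 1 on 127.0.0.1:8080.
    print(probe_proxy())
```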
