BURPSUITE


OVERVIEW:

Burp Suite is a leading cybersecurity tool used for web application security testing.

Here I will show how you to set up proxy for a website and monitor and analyze the HTTP requests and responses between the browser and the web server.

STEPS:

Opening up burpsuite community edition and making up a temporary project.

Using burpsuite default configurations

Going to proxy tab and turning on the intercept

Checking proxy options. The default local host ip is 127.0.0.0 and port 8080

 Setting up manual proxy of browser to IP 127.0.0.0 and port 8080. Making sure its same for HTTPS

Downloading certificate which is necessary for by passing Https traffic

You can see, the certificate has been downloaded

Configuring certificate in browser settings

Importing the downloaded certificate

Every request that goes from web browser to web server gets on hold in burpsuite when intercept is on

For example when searching for youtube.com on browser, the page doesn’t load because the request has been sent to burpsuite 

Here we can see the request. 

After forwarding all the requests, the youtube page finally loads up.

Leave a Reply

Your email address will not be published. Required fields are marked *