Welcome to the introductory tutorial to Burp Suite. It provides details about the installation and usage of Burp Suite. Burp Suite is an essential tool for bug hunters and web application pentesters.
Foxyproxy for Firefox
Download links are:
Click on Foxyproxy’s icon and click “Options”:
Click “Add new proxy”. In the “Proxy details” section → “Manual Proxy Configuration” insert the following values for Server and Port:
- Server: 127.0.0.1
- Port: 8080
In the “General” section, give the proxy a name and select a color. Then save.
Now start the proxy you just created by right-clicking on the Foxyproxy icon and selecting the newly created proxy.
Double-click on the Burp executable to start it. On Linux, double-click the jar file, or download the plain jar file and run it from the terminal:
java -jar burpsuite_community_v1.7.33.jar
Note: your download may have a different version number.
Start Burp Suite with default settings.
The proxy intercepts requests from the web browser. Requests can be modified in real time or can also be viewed in connection with their responses in the “HTTP history” tab.
Click “Proxy” > “Intercept” > “Intercept On”; this will stop requests by intercepting them.
When you open a page in the web browser while “Intercept is on”, Burp displays the request sent from your browser and holds it until you press “Forward”, for as long as “Intercept is on” is enabled. Until the request is forwarded to the web application server, no response will be received. You can see the web browser waiting for the response, since Burp Suite has not yet sent the request.
If intercept is on and you do not want to forward the request, click “Drop”; the request will not be sent to the destination. “Drop” also lets you inspect a request and then discard it when you are done. For example, clicking the “Submit” button on the target site causes the request to be intercepted. You can make it available in Repeater right away via “Action” → “Send to Repeater” and then click “Drop”.
To see the proxy settings, click “Proxy” → “Options”.
As you can see the default port used by Burp for its proxy is port 8080. Choose the same for Foxyproxy. You can have multiple proxies; you need to make sure that the ports in Burp and Foxyproxy match.
The Foxy Proxy configuration (IP: 127.0.0.1, Port: 1337) must be the same as the configuration in Burp Proxy (IP: 127.0.0.1, Port: 1337). The communication works as follows:
- The target site is browsed by the user;
- Foxy Proxy and Burp are configured with the same IP and Port as explained above;
- Foxy Proxy is on; then Burp Proxy is on;
- Every single request made by the user is sent by Foxy Proxy to the configured proxy’s IP and port (in this case Burp’s proxy);
- Intercepted request by the Burp Proxy is stored in the HTTP History;
- Concurrently, Burp also forwards the request to the destination web application server and waits for a reply;
- Once the web server sends back a response, Burp forwards the response to the browser.
Foxy Proxy ensures that all the initiated requests are sent to Burp’s Proxy.
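The flow listed above can be reproduced offline with a toy forward proxy. This is an added example, not code from the original tutorial or from Burp Suite; the Origin and Proxy classes, the HISTORY list and the ephemeral ports are constructed stand-ins for the target server, Burp's proxy listener and its “HTTP history” tab.

```python
import http.client
import http.server
import threading
from urllib.parse import urlsplit

HISTORY = []  # stands in for Burp's "HTTP history" tab

class Quiet(http.server.BaseHTTPRequestHandler):
    def log_message(self, *args):  # silence per-request logging
        pass
    def reply(self, status, body):
        self.send_response(status)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

class Origin(Quiet):
    """Constructed stand-in for the target web application server."""
    def do_GET(self):
        self.reply(200, b"response from origin for " + self.path.encode())

class Proxy(Quiet):
    """Toy forward proxy: record the request, forward it, relay the reply."""
    def do_GET(self):
        HISTORY.append((self.command, self.path))  # proxied request line holds the full URL
        url = urlsplit(self.path)
        upstream = http.client.HTTPConnection(url.hostname, url.port or 80, timeout=5)
        upstream.request("GET", url.path or "/")
        resp = upstream.getresponse()
        status, body = resp.status, resp.read()
        upstream.close()
        self.reply(status, body)

def serve(handler):
    server = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def browse_through_proxy(path="/login"):
    """Send one GET as a proxied browser would; return (status, body, history)."""
    origin, proxy = serve(Origin), serve(Proxy)
    try:
        target = "http://127.0.0.1:%d%s" % (origin.server_address[1], path)
        browser = http.client.HTTPConnection("127.0.0.1", proxy.server_address[1], timeout=5)
        browser.request("GET", target)  # absolute URL, sent to the proxy's IP and port
        resp = browser.getresponse()
        return resp.status, resp.read(), list(HISTORY)
    finally:
        for server in (origin, proxy):
            server.shutdown()
```

Calling `browse_through_proxy()` returns the origin's response together with the recorded history entry, showing that the proxy sees the full target URL before the server sees anything.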