What is Burp Suite

Burp Suite is a Java application for testing and analysing the security of web applications. Burp Suite includes a proxy server, a spider, an intruder and a so-called repeater (for automating requests).

Introduction to Burp Suite

A few useful modules of Burp Suite

• Proxy: A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. Burp Suite functions as an HTTP proxy server, with all HTTP/S traffic from your browser passing through it. To do any kind of testing with Burp, you need to configure your browser to work with it.
• Proxy – HTTP History: HTTP History keeps a full record of all network traffic that has passed through the proxy. You can filter this record to keep it manageable and use the proxy history to drive your testing workflow. The proxy history is updated even when intercept is turned off, so you can browse without interruption while still monitoring every detail of the application’s traffic.
• Proxy – Intercept: You can intercept all requests from your browser, and each request must then be approved before it goes through. Intercept lets you manipulate requests as they are being sent.
• Intruder: Intruder lets you launch automated attacks against a website. You can run ‘brute force’ attacks with the Burp Suite Community Edition, but it is extremely slow, so you may want to look at another product such as Hydra. Hydra is already installed on Kali; on other Linux systems, ‘sudo apt install hydra’ installs it.
• Repeater: You can use Repeater to manually manipulate and resend individual HTTP requests and analyse the application’s responses.
• Decoder: Decoder is a simple tool for encoding and decoding data into various encoded and hashed forms. It can encode and decode URL, HTML and Base64 strings to text, as well as ASCII text, Hex, Octal, Binary and Gzip. CyberChef is another great tool if you encounter data that needs decoding, but Burp Suite is good enough if you come across some Base64 and just need to decode it quickly.
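Decoder’s “Smart decode” repeatedly guesses the outermost encoding of a value and peels it off. The following is an added example (not code from this article or from PortSwigger) that does the same in Python for the forms listed above, so you can see how nested encodings are recognised; the detection rules and the sample value are constructed here, and hex is tried before Base64 because the two alphabets overlap.

```python
import base64
import binascii
import gzip
import html
import re
import urllib.parse

def decode_step(data: str):
    """Detect one encoding layer (the forms Burp Decoder handles) and peel it off.
    Returns (label, decoded) or None. Raw bytes travel as latin-1 strings."""
    raw = data.encode("latin-1", "ignore")
    if raw[:2] == b"\x1f\x8b":                              # gzip magic number
        return "gzip", gzip.decompress(raw).decode("utf-8", "replace")
    s = data.strip()
    if re.fullmatch(r"(?:[01]{8}\s*)+", s):                  # 8-bit binary groups
        bits = re.sub(r"\s", "", s)
        return "binary", bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8)).decode("latin-1")
    if re.fullmatch(r"(?:[0-7]{3}\s+)*[0-7]{3}", s):          # space-separated octal bytes
        return "octal", bytes(int(o, 8) for o in s.split()).decode("latin-1")
    if len(s) >= 8 and re.fullmatch(r"(?:[0-9a-fA-F]{2})+", s):  # hex; ambiguous with Base64, so checked first
        return "hex", bytes.fromhex(s).decode("latin-1")
    if re.search(r"%[0-9a-fA-F]{2}", s):                     # URL (percent) encoding
        return "url", urllib.parse.unquote(s)
    if re.search(r"&(?:#\d+|#x[0-9a-fA-F]+|[a-z]+);", s):     # HTML entities
        return "html", html.unescape(s)
    if len(s) >= 8 and len(s) % 4 == 0 and re.fullmatch(r"[A-Za-z0-9+/]+={0,2}", s):
        try:
            return "base64", base64.b64decode(s, validate=True).decode("latin-1")
        except binascii.Error:                               # looked like Base64 but bad padding
            return None
    return None

def smart_decode(data: str, max_depth: int = 8):
    """Peel layers until nothing decodes further, like Decoder's 'Smart decode'.
    Returns (layer labels outermost-first, final plaintext)."""
    steps, current = [], data
    for _ in range(max_depth):
        result = decode_step(current)
        if result is None or result[1] == current:
            break
        steps.append(result[0])
        current = result[1]
    return steps, current

# Constructed sample: a query parameter that was URL-encoded and then Base64-encoded,
# the kind of nested value you would paste into Decoder from HTTP History.
SAMPLE = base64.b64encode(urllib.parse.quote("user=alice&role=admin", safe="").encode()).decode()

def demo():
    return smart_decode(SAMPLE)  # → (["base64", "url"], "user=alice&role=admin")
```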

How to set up Burp Suite

Burp Suite Community Edition is already installed in Kali Linux. Below are details on how to configure
Burp Suite:

  1. Burp Suite Community Edition is already installed in Kali Linux. If you do need to install it, you can download it from https://portswigger.net/burp/communitydownload.
  2. If not already installed, download and install Mozilla Firefox from https://www.mozilla.org/en-US/firefox/new/.
  3. Open Burp Suite and click “Next” and then “Start Burp” on the prompts.
  4. Open Firefox, click the three-line menu button in the top right-hand corner, and click Options. Where it says ‘Find in Options’, type Proxy and click Settings when it pops up.
  5. Select Manual proxy configuration and type 127.0.0.1 in the field below it; in the Port field next to it, put 8080, and make sure the “Use this proxy server for all protocols” box is checked.
  6. Delete anything in the “No proxy for” field.
  7. Now click OK.
  8. Now you need to install the Burp Suite certificate.
  9. In the address bar in Firefox, enter http://127.0.0.1:8080/.
  10. At the top left corner of the web page you will see CA Certificate; click it. You will be asked whether you want to open or save the file: choose Save, and make a note of where you saved it.
  11. Find the folder where you saved it, open the file, and click Install. Click Current User, click Next, leave the option “Automatically select the certificate based on the type of certificate” selected and click Next. Now click Finish.
  12. Now go back to Options in Firefox and type ‘certificates’ instead of ‘proxy’. Click View Certificates.
  13. Make sure you are in the Authorities tab and scroll down until you see Import. Select the certificate from wherever you saved it and open it. In the dialogue box that pops up, check the box “Trust this CA to identify web sites” and click OK.
  14. If you have done everything correctly, you should now be able to go into Burp Suite, click the Proxy tab, then the HTTP History tab, and see all web traffic browsed in Firefox since enabling the proxy. If it doesn’t work straight away, try restarting your virtual machine.

Note: Remember to turn intercept off if you don’t want to have to authorise everything you do in Firefox. The Intercept button is in the Intercept tab, as shown in the screenshot below.
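The steps above check the proxy chain through Firefox. As an added example (not part of this article, and not PortSwigger’s own tooling), the script below verifies the same three things from the command line: that the listener on 127.0.0.1:8080 is up, that Burp’s CA certificate can be fetched and converted from DER to PEM, and that an HTTPS request routed through Burp is trusted with that CA. It assumes the “CA Certificate” link on Burp’s proxy page points to /cert on the listener and that it serves a DER-encoded certificate.

```python
import base64
import socket
import ssl
import urllib.request

PROXY = "127.0.0.1:8080"                 # the listener configured in steps 5 and 6 above
CERT_URL = "http://127.0.0.1:8080/cert"  # assumption: where the "CA Certificate" link points

def proxy_listening(host: str, port: int, timeout: float = 1.0) -> bool:
    """True if something accepts TCP connections on host:port (Burp's proxy listener)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def der_to_pem(der: bytes) -> str:
    """Wrap a DER-encoded certificate (what Burp serves) in the PEM armour ssl expects."""
    body = base64.encodebytes(der).decode("ascii")  # 76-column lines, newline-terminated
    return "-----BEGIN CERTIFICATE-----\n" + body + "-----END CERTIFICATE-----\n"

def fetch_burp_ca(url: str = CERT_URL) -> bytes:
    """Download Burp's CA certificate straight from the listener (no proxy needed for this)."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # ignore system proxy
    with opener.open(url, timeout=5) as resp:
        return resp.read()

def https_via_burp(url: str, pem_path: str) -> int:
    """Fetch an HTTPS URL through Burp, trusting only the Burp CA; returns the HTTP status."""
    ctx = ssl.create_default_context(cafile=pem_path)
    opener = urllib.request.build_opener(
        urllib.request.ProxyHandler({"http": "http://" + PROXY, "https": "http://" + PROXY}),
        urllib.request.HTTPSHandler(context=ctx),
    )
    with opener.open(url, timeout=10) as resp:
        return resp.status

if __name__ == "__main__":
    host, port = PROXY.split(":")
    if not proxy_listening(host, int(port)):
        raise SystemExit("Burp's proxy listener is not up on " + PROXY + " (start Burp first)")
    pem = der_to_pem(fetch_burp_ca())
    with open("burp-ca.pem", "w") as fh:
        fh.write(pem)
    # If the chain works end to end, this request also appears in Proxy > HTTP History.
    print("status:", https_via_burp("https://portswigger.net/", "burp-ca.pem"))
```

Turn intercept off before running it, or the request will sit in the Intercept tab until you forward it.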


Description

Burp Suite, usually just called Burp, is a tool dedicated to auditing web platforms. Its main functionalities are a web proxy and a web vulnerability scanner. The software is developed by PortSwigger. Burp Suite has a free version, which includes the proxy, the repeater and (in a limited form) the intruder. Below we cover these three modules and the scanner, which is included in the paid version.

This tool is indispensable for auditing a web application, as it meets the first need of an audit professional: access to the exchanges between the browser and the web server, in order to understand the architecture of the solution under audit and how it works. Thanks to its many easily configured functionalities, it is the pen tester’s Swiss Army knife.

Burp is designed in a modular way. Some modules are installed by default, and these are the essential modules for running an audit. Other complementary modules, called extensions, can be downloaded through the Extender (Burp’s “catalogue”). The follow-up article, Functionalities and extensions, describes some extensions that simplify time-consuming tasks.

Download Burp Suite: https://portswigger.net/burp/communitydownload
Download Firefox: https://www.mozilla.org/en-US/firefox/new/

Drashta Shukla
I am a Cyber Security student. I am interested in Website-Testing, Hacking, Linux, Networking and Web-Development. Love to learn new things and working on projects.
