Skip to content

Instantly share code, notes, and snippets.

@joaomilho
Last active April 10, 2018 08:05
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save joaomilho/4ab03c56fd7e72a17996699ae23f3a22 to your computer and use it in GitHub Desktop.

burp guide

  1. Install https://portswigger.net/burp/communitydownload;

  2. Browser:

  • Chrome The Chrome browser picks up the HTTP proxy settings configured on the host computer. If you are using Chrome, you can open your computer's built-in browser and follow the instructions for configuring that. If you aren't sure where the built-in proxy settings are, open Chrome, go to the Customize menu, select Settings, click on "Show advanced settings", and click the "Change proxy settings ..." button. This will open the relevant configuration options for your host computer. On Mac, it will open network config. Click on web proxy checkbox and for web proxy server put 127.0.0.1 and for port put 8080. Click Ok and then apply.

  • Firefox Go to the Firefox menu, click on Preferences and at the bottom you hace network proxy. Click on setting next to it. Select the "Manual proxy configuration" radio button. Enter your Burp Proxy listener address in the "HTTP proxy" field (by default instructions 127.0.0.1). Enter your Burp Proxy listener port in the "Port" field (by default, 8080). Make sure the "Use this proxy server for all protocols" box is checked. Delete anything that appears in the "No proxy for" field. Then click "OK" to close all of the options dialogs.

  1. Open burp suite and choose temporary project and click next. Choose use burp defaults and click start burp;

  2. Once you have Burp running go to the Proxy Intercept tab, and ensure that interception is turned on (if the button says "Intercept is off" then click it to toggle the interception status). Then go to your browser and visit any URL.

  3. Now you are ready to use burp. Any outgoing request will be visible and you will be able to change it and forward changed request to targeted server (in proxy tab, choose intercept tab).

Additional useful links: https://portswigger.net/burp/help/suite_gettingstarted

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment