Search Posts

Install and configure Burpsuite

What is Burpsuite

Burp Suite, a framework of web application pentesting tools, is widely regarded as the de facto tool to use when performing web app testing. BurpSuite acts as a proxy between your browser and sending it through the internet – It allows the BurpSuite Application to read and send on HTTPS data.

The suite can run under windows and linux.

Install: https://portswigger.net/burp/communitydownload

Burp Suite requires Java JRE in order to run. Download and install Java here:
https://www.java.com/en/download/

After install we need to do some configurations.

CA Certificate

 

Start Burpsuite. Accept al defaults

Start firefox

let’s add an extension to our web browser to allow up to easily route or traffic through it. We use FoxyProxy Standard https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/

Next, click on FoxyProxy among your extensions.


After that, click on ‘Options’.


After that, click ‘Add’ in the top left


Enter in the following settings and then click ‘Save’


Finally, click on the FoxyProxy extension icon again and select ‘Burp’.

Go to http://localhost:8080

Click on CA Certificate

Save the certificate

Now that we’ve downloaded the CA Certificate, move over to the settings menu in Firefox. Search for ‘Certificates’ in the search bar.


Click on ‘View Certificates’

Next, in the Authorities tab click on ‘Import’

Select trust this CA to identify web sites and select trust this ca to identify email users


Select ‘OK’ once you’ve done this. Congrats, we’ve now installed the Burp Suite.

 

Only send data to Burp when you need it. Otherwise turn it off

 

79 Total Views 8 Views Today

Leave a Comment

Leave a Reply