What is Burpsuite
Burp Suite, a framework of web application pentesting tools, is widely regarded as the tool to use when performing web app testing. BurpSuite acts as a proxy between your browser and sending it through the internet – It allows the BurpSuite Application to read and change/send on HTTPS data.
The suite can run under windows and linux.
Install: https://portswigger.net/burp/communitydownload
Burp Suite requires Java JRE in order to run. Download and install Java here:
https://www.java.com/en/download/
After install we need to do some configurations.
Configuring with Firefox
Start Burpsuite. Accept al defaults
Start firefox
let’s add an extension to our web browser to allow up to easily route or traffic through it. We use FoxyProxy Standard https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/
Next, click on FoxyProxy among your extensions in the upper right corner
After that, click on ‘Options’.
click ‘Add’ in the top left to add Burpsuite as a proxy to FoxyProxy
Enter in the following settings and then click ‘Save’
- Proxy IP = 127.0.0.1
- Port = 8080
- Title = Burpsuite
Now we need to make sure the traffic is going to burpsuite. Click on the FoxyProxy extension icon again and select ‘Burp’.
To test you can go to Go to http://localhost:8080 or http://127.0.0.1:8080
Now we need to add the CA certificate
Click on the CA Certificate
Save the certificate
Now that we’ve downloaded the CA Certificate, move over to the settings menu in Firefox. Search for ‘Certificates’ in the search bar.
Click on ‘View Certificates’
Next, in the Authorities tab click on ‘Import’
Select trust this CA to identify web sites and select trust this ca to identify email users
Select ‘OK’ once you’ve done this. Congrats, we’ve now installed the Burp Suite.
Only send data to Burp when you need it. Otherwise turn it off as it will make your internet experience a bit slower
