Capturing and Analysing Requests in Burp Suite: A Beginner’s Guide
This is the initial interface you encounter upon launching Burp Suite.
We can see the Proxy tab option in the top navigation bar of Burp Suite. Click on it to navigate to the Proxy tab.
In the Proxy tab, we can see the Proxy Settings option in the navigation bar. Click on it to access and view the settings.
The settings dialog box opens, showing the default setting as 127.0.0.1:8080. If this configuration is present, we are ready to proceed to the next step.
If the default proxy isn’t set, you can configure it by clicking on the “Add” button.
A dialog box titled “Add a New Proxy Listener” will open. You can manually set up the proxy as shown in the image below and click on ok to save the settings.
The next step is to export the Burp Suite certificate. To do this, go back to the Proxy Settings option. In the settings dialog box, you will see the Import/Export CA Certificate button. Click on this button to proceed.
A new dialog box titled “CA Certificate” will open. Select the option “Certificate in DER format” and click “Next.”
Choose the directory where you want to export the certificate. Name the certificate as per your choice and set the extension to .der. For example, you can name it burp.der. Click on "Save" to export the certificate.
You will see the following dialog box. Click on “Next” to complete the export process.
The certificate is exported successfully. Hit close to end the process.
The next step is to import the Burp Suite certificate into your browser. Open the settings menu in your preferred browser. In Firefox, for example, search for “certificate” and you will find the option to “View Certificates.”
Click on “View Certificates” and the “Certificate Manager” dialog box will open. At the bottom of the dialog box, you will find the “Import…” option.
Click on the “Import…” option and select the exported certificate in DER format that you previously saved. Click on open to import certificate.
Check both options as shown in the image below and click “OK”. The certificate is imported successfully.
You can verify the import process by repeating the above steps. It will indicate that “The certificate is already installed as a certificate authority.”
The next step is to install and configure the “Foxy Proxy” extension for your browser. Search for “Foxy Proxy” on Google and you will find the add-on extension for Firefox. Click on it and install it for Firefox.
After installation you can see the extension is currently disabled in settings. Click on options in the extension.
In the options page of Foxy Proxy, navigate to the “Proxies” option in the navigation bar. Click on it to add a new proxy configuration.
On Proxies section we can see the add button click on it to add proxy.
Name the proxy as burp suite and add “hostname” and “port” Proxy settings in Foxy Proxy manually as shown in the image below. Click on save and the settings are saved.
Click on the “Foxy Proxy” extension icon that appears in the top right corner of your browser. You will see that the Burp Suite proxy option has been successfully added. Click on this option to enable the Burp Suite proxy.
Finally, open the “HTTP History” tab in the Proxy section of Burp Suite. You can now start browsing and observe the HTTP requests and responses captured by Burp Suite.
For this example, I opened YouTube in my browser, and you can see that the request is captured in Burp Suite.
This walkthrough finishes here!!….
