BURPSUITE : BASICS
Burp Suite is a fully featured web application attack tool: it does almost anything that you could ever want to do when pentesting a web application.
One of Burp Suite’s main features is its ability to intercept HTTP requests. Normally HTTP requests go from your browser straight to a web server and then the web server response is sent back to your browser. With Burp Suite, however, HTTP requests go from your browser straight to Burp Suite, which intercepts the traffic.
In Burp Suite you can then tweak the raw HTTP in various ways before forwarding the request on to the web server. Essentially this tool is acting as a proxy, a “man in the middle,” between you and the web application, allowing you to have finer control over the exact traffic you are sending and receiving.
Features of Burp Community
The main features of Burp Suite are:
Proxy: The Burp Proxy is the most renowned aspect of Burp Suite. It enables interception and modification of requests and responses while interacting with web applications.
Repeater: Another well-known feature. Repeater allows for capturing, modifying, and resending the same request multiple times. This functionality is particularly useful when crafting payloads through trial and error (e.g., in SQLi - Structured Query Language Injection) or testing the functionality of an endpoint for vulnerabilities.
Intruder: Despite rate limitations in Burp Suite Community, Intruder allows for spraying endpoints with requests. It is commonly utilized for brute-force attacks or fuzzing endpoints.
Decoder: Decoder offers a valuable service for data transformation. It can decode captured information or encode payloads before sending them to the target. While alternative services exist for this purpose, leveraging Decoder within Burp Suite can be highly efficient.
Comparer: As the name suggests, Comparer enables the comparison of two pieces of data at either the word or byte level. While not exclusive to Burp Suite, the ability to send potentially large data segments directly to a comparison tool with a single keyboard shortcut significantly accelerates the process.
Sequencer: Sequencer is typically employed when assessing the randomness of tokens, such as session cookie values or other supposedly randomly generated data. If the algorithm used for generating these values lacks secure randomness, it can expose avenues for devastating attacks.
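A simplified illustration of the kind of randomness check described for Sequencer, added here as an example (it is not Burp Suite's algorithm or code): it estimates per-position Shannon entropy over a sample of tokens. Both token samples and all function names are constructed for this example.

```python
import math
import secrets
from collections import Counter

def position_entropy(tokens):
    """Shannon entropy, in bits, of the character observed at each position."""
    n = len(tokens)
    width = min(len(t) for t in tokens)
    bits = []
    for i in range(width):
        counts = Counter(t[i] for t in tokens)
        bits.append(-sum(c / n * math.log2(c / n) for c in counts.values()))
    return bits

def estimated_bits(tokens):
    """Sum of per-position entropy. Positions are treated as independent,
    so this is an upper bound: correlated positions make it optimistic."""
    return sum(position_entropy(tokens))

def constant_positions(tokens):
    """Indexes whose character never changes across the whole sample."""
    return [i for i, h in enumerate(position_entropy(tokens)) if h == 0]

# Constructed sample 1: fixed prefix + incrementing counter + static suffix.
WEAK = [format(0x65A00000 + i, "08x") + "deadbeef" for i in range(2000)]
# Constructed sample 2: 64 random bits per token from the OS CSPRNG.
STRONG = [secrets.token_hex(8) for _ in range(2000)]

if __name__ == "__main__":
    for name, sample in (("weak", WEAK), ("strong", STRONG)):
        print(f"{name}: ~{estimated_bits(sample):.1f} bits, "
              f"constant positions: {constant_positions(sample)}")
```

A 16-character hex token can carry at most 64 bits; the counter-based sample shows only about 11, and most of its positions never change, which is the pattern a token generator under review should not produce.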
Installation
Windows: Visit and select the appropriate installer for your system (32-bit or 64-bit).
macOS: Download the installer from the same URL or use Homebrew with
brew install --cask burp-suite
Then install Burp Suite from the downloaded path.
DASHBOARD
The Dashboard consists of
Tasks
Event log
Issue activity
Advisory
We need to go through each part to understand the basic idea and how it is used.
SETTINGS:
There are two types of settings in Burp Suite: global settings and project settings.
Global Settings: These settings affect the entire Burp Suite installation and are applied every time you start the application. They provide a baseline configuration for your Burp Suite environment.
Project Settings: These settings are specific to the current project and apply only during the session. However, please note that Burp Suite Community Edition does not support saving projects, so any project-specific options will be lost when you close Burp.
In the settings we find different options such as search, filter, categories, etc.
Burp Proxy:
We use the Burp Proxy to intercept traffic whenever needed, and doing so is very easy.
The Burp Proxy is a fundamental and crucial tool within Burp Suite. It enables the capture of requests and responses between the user and the target web server. This intercepted traffic can be manipulated, sent to other tools for further processing, or explicitly allowed to continue to its destination.
The main things that can be done with the proxy are intercepting requests, taking control, capture and logging, WebSocket support, and logs and history.
We can use add-ons such as FoxyProxy in Firefox to intercept the traffic through Burp Suite. It can be turned on whenever we want to intercept the traffic.
TARGET TAB:
The target tab consists of three sub-tabs
Site Map: Visualizes application structure, captures visited pages, enables deeper crawling (Pro), and aids manual enumeration (APIs).
Issue Definitions: Provides a comprehensive list of web vulnerabilities with descriptions and references (even in Community).
Scope Settings: Grants granular control over your testing scope by defining included/excluded domains and IPs.
Burp Suite also includes a built-in Chromium browser that is pre-configured to use the proxy without any of the modifications we just had to do.
Capturing and logging all of the traffic can quickly become overwhelming and inconvenient, especially when we only want to focus on specific web applications. This is where scoping comes in.
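The include/exclude idea behind scoping, as an added example that is not Burp Suite's own code or rule syntax: a filter over a constructed proxy history. The rule format (host glob with optional path prefix), the hostnames, and the choice that exclude rules win over include rules are assumptions of this example.

```python
from fnmatch import fnmatch
from urllib.parse import urlsplit

def rule_matches(url, rule):
    """Match a rule of the form 'host-glob' or 'host-glob/path-prefix'."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    rule_host, _, rule_path = rule.partition("/")
    # Compare against the parsed hostname, never a substring of the URL,
    # so 'app.example.test.lookalike.test' cannot pass as '*.example.test'.
    if not fnmatch(host, rule_host.lower()):
        return False
    return parts.path.startswith("/" + rule_path) if rule_path else True

def in_scope(url, include, exclude):
    """Exclude rules take precedence over include rules (assumption)."""
    if any(rule_matches(url, r) for r in exclude):
        return False
    return any(rule_matches(url, r) for r in include)

def filter_history(history, include, exclude):
    """Keep only the logged URLs that fall inside the testing scope."""
    return [u for u in history if in_scope(u, include, exclude)]

# Constructed proxy history and scope rules (hypothetical hosts).
HISTORY = [
    "https://app.example.test/login",
    "https://app.example.test/logout",
    "https://cdn.thirdparty.test/lib.js",
    "https://app.example.test.lookalike.test/login",
    "http://10.0.0.5/admin",
]
INCLUDE = ["*.example.test", "10.0.0.5"]
EXCLUDE = ["app.example.test/logout"]

if __name__ == "__main__":
    for url in filter_history(HISTORY, INCLUDE, EXCLUDE):
        print(url)
```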
To intercept HTTPS traffic we need to import the PortSwigger CA certificate into the browser for authentication purposes. After adding the PortSwigger CA certificate to our list of trusted certificate authorities, we should be able to visit any TLS-enabled site without encountering the certificate error.