Tips & Tricks

Setting Up BurpSuite

Once Burp loads up, there are a few things we need to configure to make our lives easier.


Installing and Configuring FoxyProxy

First, to make our lives easier, let’s install the Firefox add-in for FoxyProxy.

With the add-in installed, let’s head into the Options.

Now we can Add a new entry.

Let’s create the New Entry with the following.

Title: Burp
Proxy IP: 127.0.0.1
Port: 8080

Click Save.

With this in place, we can easily route traffic in/out of Burp without having to dive deep into Firefox’s settings.


Installing the Burp’s Certificate in Firefox

Now that we have the proxy configured, we’ll want to import Burp’s certificate so that we do not receive certificate errors while browsing the internet.

Let’s start by routing our traffic through our proxy and navigating to the following URL.

http://burpsuite/

Now we can click on CA Certificate to download the necessary der file.

With the cert file saved, lets head into Preferences and click on Options.

Head over to the Privacy settings, find the Certificates section, and click on View Certificates.

In the Certificate Manager window, find the Authorities tab. Then, select Import.

Browse to the .der file you downloaded earlier.

Enable Trust this CA to identify websites, and then click OK.


Disabling Firefox’s Captive Portal

With Firefox’s default configuration, you will see a lot of requests to http://detectportal.firefox.com.

To get rid of this, let’s head over to about:config and click Accept the Risk and Continue.

Search for network.captive-portal-service, and set the value to False.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s