IT and security stuff

Setup Burp in Kali

I’ve used BurpSuite so many times. It is a great tool for Web Pentesting. I’ve only tried Community Edition so I can’t imagine how powerful the paid version is. This guide is intended for my colleagues and friends whom I have converted, or will convert, to the hacking path.

The proxy is my favorite tool.
Make sure Intercept is “on”.

In order to get our proxy to work we need to do a few things inside our favorite browser. For this demo I am using Firefox.

Select Add-ons.
Search for FoxyProxy or your favorite proxy addon. Install it.
Browse to http://localhost:8080 and download the CA Certificate from Burp.
Go to “Preferences”.
Search for “cert” and you should see “View Certificates…”. Click on it.
Select “Import” and import the certificate you downloaded.
We must now configure FoxyProxy.
Address is 127.0.0.1 and port 8080

Now we can test it. Go to this address: http://testhtml5.vulnweb.com

This indicates the proxy is up and running!
Now, click login.
Enter whatever you want. It’s a fake site. Click login.
As I clicked, the Burp proxy instantly pops up and shows us the request before it’s sent. We can do a lot of stuff from here.
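The same setup can be checked from a terminal. The script below is an added example, not part of the original post: it confirms the listener at 127.0.0.1:8080 is reachable, downloads the CA certificate from the listener's `/cert` path (the target of the "CA Certificate" link) and prints its SHA-256 fingerprint so you can compare it with the certificate you imported into Firefox, then sends one request through the proxy. The function names are my own.

```python
import hashlib
import socket
import urllib.request

def listener_up(host="127.0.0.1", port=8080, timeout=2.0):
    """Return True if something accepts TCP connections on the proxy address."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def fetch_ca_der(host="127.0.0.1", port=8080, timeout=5.0):
    """Download the CA certificate (DER bytes) straight from the listener."""
    # ProxyHandler({}) ignores any http_proxy environment variables.
    direct = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    with direct.open(f"http://{host}:{port}/cert", timeout=timeout) as resp:
        return resp.read()

def sha256_fingerprint(der):
    """Format the digest in the colon-separated form certificate viewers show."""
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def status_via_proxy(url, host="127.0.0.1", port=8080, timeout=10.0):
    """Send one plain-HTTP GET through the proxy and return the status code."""
    proxied = urllib.request.build_opener(
        urllib.request.ProxyHandler({"http": f"http://{host}:{port}"}))
    with proxied.open(url, timeout=timeout) as resp:
        return resp.status

if __name__ == "__main__":
    if not listener_up():
        raise SystemExit("Nothing is listening on 127.0.0.1:8080; is Burp running?")
    print("Burp CA SHA-256:", sha256_fingerprint(fetch_ca_der()))
    try:
        print("HTTP status via proxy:",
              status_via_proxy("http://testhtml5.vulnweb.com"))
    except OSError as exc:  # URLError and socket timeouts are OSError subclasses
        print("No response through the proxy (is Intercept holding it?):", exc)
```

With Intercept “on”, the last request waits in Burp until you forward it, so a timeout there means the proxy is holding the request, not that the setup is broken.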

At this point, BurpSuite is fully functional. I hope you are all set and will enjoy this awesome tool. Stay tuned!
