infosecgirls
Appsec
Proxy

This is an intercepting web proxy that operates as a man-in-the-middle between the end browser and the target web application. It lets you intercept, inspect and modify the raw traffic passing in both


Last updated 5 years ago


Intercept

1. In Burp, go to the "Proxy" > "Intercept" tab and get familiar with the user interface.

2. Switch to the "Proxy" > "HTTP history" tab.

3. Switch to the "Proxy" > "WebSockets history" tab.

4. Switch to the "Proxy" > "Options" tab and look at the different options available.

5. In Burp, go to the "Proxy" > "Intercept" tab and ensure that interception mode is turned on. If the intercept control button says "Intercept is off", click it to toggle the interception status.

6. With intercept mode enabled in Burp Suite, fill in and submit the login form of the Security Shepherd application.

7. Switch to the "Proxy" > "Intercept" tab and observe that the submitted request has been intercepted. At this point it is possible to modify the request parameters before forwarding the request to the origin server.

8. Analyze the intercepted request and observe the parameters passed in the POST request body.

9. Tamper with the input parameters, i.e., change the values of the login and pwd parameters.

10. Click the "Forward" button and analyze the next request.

11. Go to the "Proxy" tab > "Options" sub-tab > "Intercept Server Responses" section and tick the checkbox labelled "Intercept responses based on the following rules".

12. For a smoother experience, add suitable interception rules for requests and responses. The following combination of request and response interception rules could be useful:

13. Switch to the "Proxy" > "Intercept" tab and forward the intercepted request (from step 10). This time, the server response should have been intercepted by the Burp interceptor.

14. Click the "Forward" button and analyze the next request/response. Repeat until there is no more request/response to forward. Alternatively, if you are done analyzing the request, turn interception mode off by clicking the "Intercept is on" button.
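Steps 7 to 10 above describe what the Intercept tab does for you: hold a request, let you edit the POST body, and fix up the headers so the forwarded request is still valid. The following added Python example (not part of the original page or of Burp) reproduces that mechanism on a constructed login request so the effect is visible outside the GUI: the form parameters are rewritten and Content-Length is recomputed, which is exactly why a server must treat every client-supplied parameter as untrusted. The request bytes, the host name and the parameter values are all constructed sample data.

```python
from urllib.parse import parse_qsl, urlencode

# Constructed sample: a login POST as an intercepting proxy would hold it
# before forwarding. Not captured from Security Shepherd or any real host.
SAMPLE_REQUEST = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: target.example\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 24\r\n"
    b"\r\n"
    b"login=alice&pwd=secret12"
)


def split_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (request line, headers dict, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    request_line = lines[0].decode("latin-1")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.decode("latin-1").partition(":")
        headers[name.strip()] = value.strip()
    return request_line, headers, body


def tamper_form_params(raw: bytes, changes: dict) -> bytes:
    """Rewrite form-encoded POST parameters the way an intercepting proxy does,
    then recompute Content-Length so the forwarded request stays well-formed.
    `changes` maps parameter names to their new values (hypothetical helper)."""
    request_line, headers, body = split_request(raw)
    ctype = headers.get("Content-Type", "")
    if not ctype.startswith("application/x-www-form-urlencoded"):
        raise ValueError("only form-encoded bodies are handled in this example")
    # parse_qsl keeps parameter order, so the rebuilt body looks like the original
    params = dict(parse_qsl(body.decode("latin-1"), keep_blank_values=True))
    params.update(changes)
    new_body = urlencode(params).encode("latin-1")
    # Burp updates this header automatically; a hand-rolled proxy must do it too,
    # otherwise the server reads too few or too many body bytes.
    headers["Content-Length"] = str(len(new_body))
    head = "\r\n".join([request_line] + [f"{k}: {v}" for k, v in headers.items()])
    return head.encode("latin-1") + b"\r\n\r\n" + new_body


if __name__ == "__main__":
    print(tamper_form_params(SAMPLE_REQUEST, {"login": "bob", "pwd": "x"}).decode())
```

The printed request is what the origin server receives after step 10; note that nothing in the browser's form validation survived the trip.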

HTTP History

1. Navigate to the "Proxy" tab > "HTTP history" sub-tab to see a full record of all messages that have been intercepted by the Burp Proxy.

2. Click on the filter bar above the history table and select the checkbox labelled "Show only in-scope items".

3. To apply the filter, click anywhere outside of the display filter form.

4. Right-click on the history table and select the "Show new history window" option from the context menu to open an additional view.

5. Click on a column header to sort the contents of the history table.

6. To highlight a request, right-click on the chosen request and select "Highlight" from the context menu.

7. To add a comment against a request, right-click on the chosen request and select "Add comment" from the context menu.

8. If you wish to forward an interesting request to the Scanner, Repeater, Intruder, or Sequencer tools, right-click on the selected request and choose the appropriate option from the context menu.