Burp Suite Complete Guide (Part 1-Installation & Configuration)

Burp Suite is the best Penetration Testing tool specially made for Cyber Security experts which Test websites, servers, and Networks with its combination of automated and manual tools.

 Well, every Cyber Security person knows how useful Burp Suite is, and those who want to Learn it you came to the right place.

Now Instead of explaining tools all over here, I will explain all combinations of tools with practical for better understanding.

So, let's dive into it.

Downloading and Installing Burp Suite 

In Kali Linux Full version burp suite comes preinstalled if it's not just type

# sudo apt install burpsuite 

Installing Burp Suite for Windows and Mac 

Just Check out this link

Choose your OS and Download the version you want.


Now you are Confused about Which version to download I am here to help.

Burp Suite has 3 versions 

Enterprise - Automated Testings for organizations and developers who didn't have any knowledge of penetration testing burp suite automated integrations cover you up here.
Price - $3,999 per year.

Professional -  For Serious Cyber Security persons  Penetration testers and Bug Bounty Hunters those who want to scale there skill using burp suite. Has Automated and manual tools to help with hunting bugs and vulnerabilities.
Price - $399 per user, per year.

Community Addition - This Version has limited manual testing tools to start with and good for researchers and penetration testers who want to learn or just using for hobbie.
Price - Free

You guys came here to learn right? then go for community addition and learn how to use it first.

If you are serious about Cyber Security and Penetration testing then go for Professional version you will surely not disappointed by it obviously if you can afford it. 

Now. we installed a burp suite we need to configure it with browser.

Configuring Burp Suite with Firefox Browser

 I use the Firefox Browser and recommended you to use the same because it has more hacking related extensions than any other browsers to make your life easier.

FoxyProxy is an extension you need to install now because of its switches Proxies in just one click.

Google it or visit here.


install it and click on the fox icon and go to options.
Add 

proxy - 127.0.0.1
Port - 8080

save it and you will see that it's added on the menu of FoxyProxy.



Now let's open up the Burp suite. 


I am using Burp Suite Community Edition for this tutorial


use a temporary project 

use burp  default

 And Burp Suite Application will start up showing you all the options after configuring we will see them one by one.

For Testing Purpose we will be using DVWA you still don't know how to install it then click here.

login to DVWA then click on proxy we added using an icon of FoxyProxy.

This means your browser requests will be routed from the burp suite and we have total control over requests we are sending.
clicking on anything on DVWA.

And you will see your Burp suite will fire up with a proxy tab and request your browser sent.

 

 we configured our Burp suite with HTTP connections successfully but with HTTPS site this will occur. 

 Intercept SSL (HTTPS) Requests in Burp Suite

We need to download Certificates of Burp and add them to the browser.

Type http://burp in the URL bar and hit enter.

Click on CA Certificate and save the file.

Now Go to 

Preference > Privacy and Security > Scroll to Certificates > Click on view Certificates

Now click on import and select cacert.der 

 Tick on both checkboxes and click OK.

That's it now refresh page and burp suite will pop up with requests.

After Forwarding the requests page will open up normally.


That's it, we configured burp suite Successfully now ready to head over to learn how to use it. 

You may like these posts