In-House Tools Used

Burp Suite

Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

Steps To Install Burp Suite

How to download and set up Burp Suite in Windows?
1. Download Burp Suite from .
2. Install Burp Suite.
3. After running the installer, select “new temporary project”, followed by “use burp defaults”.
4. Click on “Start Burp”.

Configure Burp Suite

Go to the “Proxy” tab, then the “Options” sub-tab, and look in the “Proxy Listeners” section.
You should see an entry in the table with the checkbox ticked in the “Running” column and “127.0.0.1:8080” showing in the “Interface” column.
If you need a different port, select the table entry, click “Edit”, and change the port number of the listener.

Configuring your Browser to work with Burp

Open Firefox and go to the Customize menu. In the Customize menu, select Options, then click on “Settings” in the Network section.
This will open the relevant configuration options for your host computer. Now select “Manual proxy configuration” and enter the same HTTP proxy host and port number that is entered in Burp Suite. Click on “OK” to save the settings.

SSL Certificates

If we went now and tried to go to a site configured with SSL (e.g. google.com) we would get an invalid SSL certificate error, so we will install Burp’s CA in our browser.
• Go to in Firefox.
• Click on ‘CA Certificate’ in the top menu bar.
• Click ‘Save’.
• Go to Firefox > click on Options from the side menu > type “Certificates” in the search field.
• Click on “View Certificates” > Authorities > Import.
• Browse to where you downloaded the CA bundle.
• Tick all the options.
• Click “OK”.
• In the address bar in Firefox, enter “google.com” and switch over to Burp Suite. You may have a few captures for ‘firefox profile tracing’ — you can drop those by clicking the ‘Drop’ button.
In the Burp Suite tabs you can see the HTTP headers, HTTP parameters and the hex values if you need to (similar to the Firefox inspector, but before the request is fulfilled by the server).
• At this point, nothing has been sent to the remote server!
• Click ‘Forward’.
• The request is sent to the server.
• You now have to switch to the ‘HTTP history’ tab.
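The three setup steps above (listener on 127.0.0.1, Firefox manual proxy pointing at it, Burp’s CA trusted by the browser) can be scripted and checked rather than clicked through. The following is an added example, not part of the original doc or of Burp Suite itself: it writes the Firefox preferences that “Manual proxy configuration” sets, refuses a listener address that is not loopback, and then opens a CONNECT tunnel through the proxy trusting only Burp’s CA, so a successful handshake proves that HTTPS traffic is really being intercepted. The listener address and port follow the page; the CA file path `burp-ca.pem` (Burp’s exported DER certificate converted to PEM) and the test host `example.com` are placeholders.

```python
"""Added example (not from the original page): script the Firefox side of the
setup above and verify that HTTPS traffic really passes through Burp.

Assumptions: the Burp listener is 127.0.0.1:<port> as described on the page;
Burp's CA certificate has been exported and converted to PEM at a path you
supply (the default path below is a placeholder). The pref names are the ones
Firefox stores for "Manual proxy configuration" in Settings > Network."""
import socket
import ssl


def is_loopback(host: str) -> bool:
    """True for addresses only this machine can reach. Burp's default listener
    binds to 127.0.0.1; keep it that way unless you mean to expose the proxy."""
    return host in ("localhost", "::1") or host.startswith("127.")


def firefox_proxy_prefs(host: str = "127.0.0.1", port: int = 8080) -> str:
    """Return user.js lines equivalent to 'Manual proxy configuration' with the
    same host and port as the Burp listener. Dropped into the Firefox profile
    directory as user.js, they are applied on the next start."""
    if not is_loopback(host):
        raise ValueError("Burp listener expected on loopback, got %r" % host)
    if not 1 <= port <= 65535:
        raise ValueError("port out of range: %d" % port)
    prefs = [
        ("network.proxy.type", 1),                    # 1 = manual configuration
        ("network.proxy.http", host),
        ("network.proxy.http_port", port),
        ("network.proxy.ssl", host),                  # HTTPS via the same proxy
        ("network.proxy.ssl_port", port),
        ("network.proxy.share_proxy_settings", True),
        ("network.proxy.no_proxies_on", ""),          # no bypass list
    ]
    lines = []
    for key, value in prefs:
        if isinstance(value, bool):          # check bool before int (bool is an int)
            rendered = "true" if value else "false"
        elif isinstance(value, int):
            rendered = str(value)
        else:
            rendered = '"%s"' % value
        lines.append('user_pref("%s", %s);' % (key, rendered))
    return "\n".join(lines) + "\n"


def build_connect_request(target_host: str, target_port: int = 443) -> bytes:
    """The HTTP CONNECT request a browser sends to open a TLS tunnel via a proxy."""
    target = "%s:%d" % (target_host, target_port)
    return ("CONNECT %s HTTP/1.1\r\nHost: %s\r\n\r\n" % (target, target)).encode("ascii")


def parse_connect_status(reply: bytes) -> int:
    """Status code from the proxy's reply to CONNECT (200 means the tunnel is open)."""
    status_line = reply.split(b"\r\n", 1)[0].decode("ascii", errors="replace")
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/"):
        raise ValueError("not an HTTP status line: %r" % status_line)
    return int(parts[1])


def intercepted_cert_issuer(target_host, proxy_host="127.0.0.1", proxy_port=8080,
                            ca_pem="burp-ca.pem"):
    """Tunnel to target_host through Burp and complete a TLS handshake that
    trusts only Burp's CA. Success means Burp is terminating TLS for us (the
    'invalid certificate' error on the page is this same situation before the
    CA is trusted); a verification failure means the traffic is not going
    through Burp, or the wrong CA file was exported. Returns the issuer DN."""
    with socket.create_connection((proxy_host, proxy_port), timeout=10) as raw:
        raw.sendall(build_connect_request(target_host))
        reply = b""
        while b"\r\n\r\n" not in reply:
            chunk = raw.recv(4096)
            if not chunk:
                raise ConnectionError("proxy closed the connection")
            reply += chunk
        status = parse_connect_status(reply)
        if status != 200:
            raise ConnectionError("CONNECT refused by proxy: %d" % status)
        ctx = ssl.create_default_context(cafile=ca_pem)
        with ctx.wrap_socket(raw, server_hostname=target_host) as tls:
            cert = tls.getpeercert()
    return {k: v for rdn in cert["issuer"] for k, v in rdn}


if __name__ == "__main__":
    print(firefox_proxy_prefs("127.0.0.1", 8080), end="")
    try:
        print("issuer:", intercepted_cert_issuer("example.com"))
    except OSError as exc:   # covers ssl.SSLError, connection errors, missing CA file
        print("interception check failed:", exc)
```

Run it with Burp listening and intercept turned off: the printed issuer should be the PortSwigger CA from the certificate you imported, and the request shows up in the “HTTP history” tab. If the handshake fails with a verification error while a browser works, Firefox is trusting a different CA than the file you exported.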


Tutorials

