In this post, I’ll be explaining to you that how can you Intercept HTTP Requests using Burp Suite. Burp suite provides the GUI based web application based testing environment. using Burpsuite you can capture both,  HTTP and HTTPS packet and this captured packets can be modified very easily. so I have divided this post into the following parts

1. Burp suite Installation

2. Setting up a proxy in Mozilla Firefox browser

3.  SSL certificate installation in Firefox

4. Intercept HTTP Requests using Burp Suite

Burp suite Installation

So it’s a very basic step about burp suite. You can download and install Burpsuite by using the following steps

Step 1: Visit the official Portswigger website to download the burp suite by clicking here

Step 2: Now complete the installation steps and then open the Burp suite

Step 3: Now select a temporary project and then click on next to proceed further

Intercept HTTP Requests using Burp Suite

Step 4: so the basic interface of the Burp suite will be like

Intercept HTTP Requests using Burp Suite

So as you have successfully installed the Burp suite in your system. The next step is to set up a proxy in your browser. I’ll use the Mozilla Firefox browser, which is recommended. Because in the newer version of Google Chrome, some Javascript filters are preinstalled. so always use Mozilla Firefox

Also read : Exploit Android device using Open Adb Ports

Setting up a proxy in Mozilla Firefox browser

So, in this section, we will set a proxy server in our Firefox browser so that we can Intercept and modify the request in Burp Suite.

Step 1: Open your Firefox browser and then navigate to preferences as

Intercept HTTP Requests using Burp Suite

Step 2: Now search for proxy in the search bar, then click on setting to set the proxy as

Step 3: Now click on Manual proxy configuration, set HTTP Proxy as 127.0.0.1 and Port 8080 then click on Ok to save the setting

once the proxy is set, now we need to intercept and also you can modify the packets before it sent to the server. for this process follow the next part

Installing SSL certificates in Mozzila Firefox browser

In order to capture the HTTPS packets, we have to export and install an SSL certificate. for that, follow the steps

Step 1: In Burp Suite, Navigate to Proxy > Options > Import/export CA Certificates and then select the certificate in DER format, then click Next

Intercept HTTP Requests using Burp Suite

Step 2: Now click on the select file and then keep the name of file mycert.der and then save the file to your desired location. Please note that the name of the file should end with .der extension

Step 3: Now Open your Mozilla Firefor browser, navigate to Preferences and then search for certificates in Search Bar, then click on View certificates as

Intercept HTTP Requests using Burp Suite

Step 4: Open certificate manager, Navigate to Authorities > Import and import your certificated, that we exported in step 2. Click Ok to save changes

Also read: A script to automate Hacking tools

Intercept HTTP Requests using Burp Suite

Now in this step, we will capture the HTTP Requests by turning on interception mode. after that, we will be able to capture the packets. for that, open the burp suite

Step 1: The first step is to verify that our proxy is working or not. for that navigate to Proxy > Options and then verify that the proxy server address is correct or not

Step 2: In this step, we need to turn on the interception. for that open Burp Suite, navigate to proxy tab and then click on interception is off button. once you clicked on that, it will change to interception is on 

Step 3: Once the interception is turned on, go to your Firefox browser and then visit any website. You will see that the burp suite is able to capture the packets as

There are mainly three options once the packet has been captured. The first one is

Forward: You can forward the captured packets

Drop: You can drop the packets that you have captured

Action: using this button, you can perform different types of actions like you can send this packet to spider, repeater, intruder

In my next post, I’ll explain all these actions in very depth. so don’t worry about it.

Conclusion: In this post, we have seen that how can we install Burp Suite, how to setup proxy in Firefox browser and then how to turn on the interception in Burp suite to capture the packets. In my next post, I’ll explain, how can you modify the captured packets before it sent to the server


Rajesh Ranjan

I'm a tech enthusiast currently pursuing B.Tech in Computer Science & Engineering. trying to make things as simple as possible

Leave a Reply