Using Burp Suite Proxy
Despite all of its available tools, Burp Suite's primary function is to serve as an intercepting proxy. This means that Burp Suite is capable of capturing requests and responses, and then manipulating them prior to forwarding them on to their destination. In this recipe, we will discuss how to intercept and/or log requests using the Burp Suite Proxy.
Getting ready
To use Burp Suite to perform web application analysis against a target, you will need to have a remote system that is running one or more web applications. In the examples provided, an instance of Metasploitable2 is used to perform this task. Metasploitable2 has several preinstalled vulnerable web applications running on TCP port 80
. For more information on setting up Metasploitable2, refer to the Installing Metasploitable2 recipe in Chapter 1, Getting Started, of this book. Additionally, your web browser will need to be configured to proxy web traffic through a local instance of Burp Suite. For more information...