Burp Suite contains an intercepting proxy. In order to use Burp Suite, you must configure a browser to pass its traffic through the Burp Suite proxy. This isn't too hard to do with Firefox, which is the default browser on Kali Linux. Open up Firefox and click on the menu button to open up the Firefox setting menu. Burp Suite, a framework of web application pentesting tools, is widely regarded as the tool to use when performing web app testing. BurpSuite acts as a proxy between your browser and sending it through the internet – It allows the BurpSuite Application to read and change/send on HTTPS data. The suite can run under windows and linux.
What is OWASP Zap
OWASP Zap is a security testing framework much like Burp Suite. It acts as a very robust enumeration tool. It’s used to test web applications. It’s completely open source and free. There is no premium version, no features are locked behind a paywall, and there is no proprietary code.
This software can run under Windows and Linux
Install: OWASP ZAP (zaproxy.org)
Configuring with Firefox
After installation open OWASP Zap
![Burp Burp](https://www.programmersought.com/images/929/9dce911ef8a7ae91cf90cae37ed43911.png)
Tell ZAP to use 127.0.0.1 and use port 8080
In the same screen navigate to Dynamic SSL certificates
Press save.
Now we are going to import this certificate in Firefox. Open Firefox
Go to about:preferences
Click on View certificates
Click on import and import the certificat we just saved
Make sure you select to trust
let’s add an extension to our web browser to allow up to easily route or traffic through it. We use FoxyProxy Standard https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/
Next, click on FoxyProxy among your extensions in the upper right corner
After that, click on ‘Options’.
click ‘Add’ in the top left to add Burpsuite as a proxy to FoxyProxy
Enter in the following settings and then click ‘Save’
- Proxy IP = 127.0.0.1
- Port = 8081
- Title = Zap
Now we need to make sure the traffic is going to ZAP. Click on the FoxyProxy extension icon again and select ‘ZAP’.
If you using Burpsuite also then make sure the port is different then the one used in burp. If you follow this guide then you should not have that problem as burp is standard on 8080
If you navigate to http://127.0.0.1:8081/ you should see the OWASP welcome page
You can run this next to Burpsuite. Just follow this guide Configure Burpsuite with Firefox
What is Burpsuite
Burp Proxy Firefox Plugin
Burp Suite, a framework of web application pentesting tools, is widely regarded as the tool to use when performing web app testing. BurpSuite acts as a proxy between your browser and sending it through the internet – It allows the BurpSuite Application to read and change/send on HTTPS data.
The suite can run under windows and linux.
Install: https://portswigger.net/burp/communitydownload
Burp Suite requires Java JRE in order to run. Download and install Java here:
https://www.java.com/en/download/
https://www.java.com/en/download/
After install we need to do some configurations.
Configure Burp Proxy Firefox
Configuring with Firefox
Start Burpsuite. Accept al defaults
Start firefox
let’s add an extension to our web browser to allow up to easily route or traffic through it. We use FoxyProxy Standard https://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/
Next, click on FoxyProxy among your extensions in the upper right corner Grid pic for instagram art.
After that, click on ‘Options’.
click ‘Add’ in the top left to add Burpsuite as a proxy to FoxyProxy
Enter in the following settings and then click ‘Save’
- Proxy IP = 127.0.0.1
- Port = 8080
- Title = Burpsuite
Now we need to make sure the traffic is going to burpsuite. Click on the FoxyProxy extension icon again and select ‘Burp’.
To test you can go to Go to http://localhost:8080 or http://127.0.0.1:8080
![Burp Burp](/uploads/1/3/7/4/137472962/192309033.png)
Now we need to add the CA certificate
Click on the CA Certificate
Burp Proxy Localhost Firefox
Save the certificate
Now that we’ve downloaded the CA Certificate, move over to the settings menu in Firefox. Search for ‘Certificates’ in the search bar.
Click on ‘View Certificates’
Next, in the Authorities tab click on ‘Import’
Burp Proxy Toggle Firefox
Select trust this CA to identify web sites and select trust this ca to identify email users
Paros Proxy
Select ‘OK’ once you’ve done this. Congrats, we’ve now installed the Burp Suite.
Burp Proxy Firefox Extension
Only send data to Burp when you need it. Otherwise turn it off as it will make your internet experience a bit slower