Using Burp Suite to view and alter requests

Burp Suite, like OWASP ZAP, is more than just a simple web proxy. It is a fully featured web application testing kit: it has a proxy, request repeater, request automation, string encoder and decoder, vulnerability scanners (in the Pro version), and other useful features.

In this recipe, we will repeat the previous exercise, this time using Burp's proxy to intercept and alter the requests.

Getting ready

Start Burp Suite and configure the browser to use it as a proxy.

How to do it...

  1. Browse to http://192.168.56.102/mutillidae/.
  2. By default, interception is enabled in Burp's proxy, so it will capture the first request. We need to go to Burp Suite and click on the Intercept is on button in the Proxy tab.
  3. The browser will ...
