Burpsuite


Last updated 22 days ago

Configuration

Pre-Configured Browser

To use Burp or ZAP as a web proxy, we must either configure our browser's proxy settings to point at the tool or use its pre-configured browser. Both tools have a pre-configured browser that comes with the proxy settings already configured and the CA certificates pre-installed, which makes starting a web penetration test quick and easy.

In Burp, under (Proxy>Intercept), we can click on Open Browser, which opens Burp's pre-configured browser and automatically routes all web traffic through Burp.


Proxy Setup

In many cases, we may want to use a real browser for pentesting, like Firefox. To use Firefox with our web proxy tools, we must first configure it to use them as the proxy. We can manually go to the Firefox preferences and set the proxy to the web proxy's listening port. Both Burp and ZAP use port 8080 by default, but we can use any available port. If we choose a port that is already in use, the proxy will fail to start, and we will receive an error message.

Note: If we want to serve the web proxy on a different port, we can change it in Burp under (Proxy>Options), or in ZAP under (Tools>Options>Local Proxies). In both cases, we must ensure that the proxy configured in Firefox uses the same port.

Instead of manually switching the proxy, we can use the Firefox extension Foxy Proxy to change the Firefox proxy quickly and easily. This extension is pre-installed in your PwnBox instance and can be installed in your own Firefox browser by visiting the Firefox Extensions Page and clicking Add to Firefox.

Once we have the extension added, we can configure the web proxy in it by clicking on its icon on the Firefox top bar and then choosing Options.

Once we're on the options page, we can click on Add in the left pane, use 127.0.0.1 as the IP and 8080 as the port, and name the entry Burp or ZAP.

Note: This configuration is already added to Foxy Proxy in PwnBox, so you don't have to do this step if you are using PwnBox.

Finally, we can click on the Foxy Proxy icon and select Burp.


Installing CA Certificate

Another important step when using Burp Proxy/ZAP with our browser is to install the web proxy's CA certificate. If we skip this step, some HTTPS traffic may not get properly routed, or we may need to click accept every time Firefox needs to send an HTTPS request.

We can install Burp's certificate once we have selected Burp as our proxy in Foxy Proxy, by browsing to http://burp and downloading the certificate from there by clicking on CA Certificate.

We can also change our certificate by generating a new one with the Generate button.

Once we have our certificates, we can install them within Firefox by browsing to about:preferences#privacy, scrolling to the bottom, and clicking View Certificates.

After that, we can select the Authorities tab, click on Import, and select the downloaded CA certificate.

Finally, we must select Trust this CA to identify websites and Trust this CA to identify email users, and then click OK.

Once we install the certificate and configure the Firefox proxy, all Firefox web traffic will start routing through our web proxy.
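The Proxy Setup note requires that Firefox and the web proxy use the same port, and a proxy that failed to start leaves nothing listening on it; both conditions can be checked before testing begins. The following is an added example, not code from the original page or from Burp/ZAP: it assumes the manual proxy settings are kept in the `user.js` file of a dedicated Firefox profile, and the sample values are constructed.

```python
import re
import socket

# Firefox preferences for a manual HTTP/HTTPS proxy (type 1 = manual).
PREF_TEMPLATE = """\
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "{host}");
user_pref("network.proxy.http_port", {port});
user_pref("network.proxy.ssl", "{host}");
user_pref("network.proxy.ssl_port", {port});
"""

def render_user_js(host="127.0.0.1", port=8080):
    """Return user.js lines pointing Firefox at the proxy listener."""
    return PREF_TEMPLATE.format(host=host, port=port)

def listener_up(host, port, timeout=1.0):
    """True if something accepts TCP connections on host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def read_prefs(user_js):
    """Parse user_pref("name", value); lines into a dict of strings."""
    pat = re.compile(r'user_pref\("([^"]+)",\s*("?)([^")]*)\2\);')
    return {m.group(1): m.group(3) for m in pat.finditer(user_js)}

def check_setup(user_js, host, port):
    """List mismatches between the Firefox prefs and the proxy listener."""
    prefs, problems = read_prefs(user_js), []
    if prefs.get("network.proxy.type") != "1":
        problems.append("Firefox is not set to manual proxy configuration")
    for scheme in ("http", "ssl"):
        got = (prefs.get(f"network.proxy.{scheme}"),
               prefs.get(f"network.proxy.{scheme}_port"))
        if got != (host, str(port)):
            problems.append(f"{scheme} proxy is {got}, listener is {host}:{port}")
    if not listener_up(host, port):
        problems.append(f"nothing is listening on {host}:{port}")
    return problems

if __name__ == "__main__":
    # Constructed case: Firefox still on 8080 after the listener moved to 8081.
    for line in check_setup(render_user_js(port=8080), "127.0.0.1", 8081):
        print("WARN:", line)
```

Keeping these preferences, and the imported proxy CA, in a Firefox profile used only for testing keeps the interception trust out of the everyday browser.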