Purpose To capture, modify, and control requests originating from Web Applications. It allows one to look for security vulnerabilities in the application by simulating the steps an attacker might take to modify and tamper requests going to the server.
It’s a very powerful utility within Burp Suite that can be used to intercept HTTP requests from websites proxied through Burp, modify them, and pass them over to the target server. In this part of the series, some useful features of the Burp Proxy are explained.īurp Proxy is a core feature of Burp Suite.
This series primarily focuses on the core features of Burp Suite, from the basics to an in-depth overview of maximizing productivity in penetration tests using Burp Suite. However, Burp Suite may need some tweaking, depending on the network configuration of the application. Not just web applications, the Burp Proxy is capable of proxying through requests from almost any application like Thick Clients, Android apps, or iOS apps, regardless of what device the web app is running on if it can be configured to work with a network proxy. Burp Suite acts as a proxy that allows pentesters to intercept HTTP requests and responses from websites.
