• Skip to main content
  • Skip to primary sidebar

Technipages

Smart phone, gadget and computer tutorials

  • Topics
    • Android
    • Gaming
    • Hardware
    • Internet
    • iOS
    • MacOS
    • Office
    • Software
    • Windows
    • Definitions
  • Product Reviews
  • Downloads
  • About
How to Set up a Proxy Listener in Burp Suite

How to Set up a Proxy Listener in Burp Suite

Posted on November 14, 2020 by Mel Hawthorne Leave a Comment

The primary purpose of Burp Suite is to intercept and modify web traffic as part of a penetration test. To be able to do intercept web traffic you need to configure your browser or operating system to redirect traffic through the Burp proxy. By default, the proxy starts with Burp and binds to the loopback address on port 8080 “127.0.0.1:8080” but there are plenty of options for you to configure.

How to configure a proxy listener in Burp

To configure the proxy settings, you want to go to the “Options” sub-tab in the “Proxy” tab. In the “Proxy Listeners” section you can edit the current proxy listener, by selecting a listener and clicking “Edit”, or set up a second one by clicking “Add”.

Tip: To be operational the proxy listener must have the “running” checkbox on the left ticked.

Select a listener then click edit or add a new one.

When editing the proxy listener, the “Binding” tab allows you to configure which port number and which interface it binds to in the binding tab. You should use a port number should be between 1001 and 65535 as port numbers below 1000 can require extra permissions.

Binding to the loopback address means that the proxy is only available to the local computer. Alternatively, you can bind it to another IP address your computer has via the drop-down box, although it won’t explain what physical interface this relates to and whether other devices will be able to access it. Selecting “All interfaces” will make the proxy visible on all of the IP addresses your computer has.

Tip: Using IP addresses other than the loopback can allow you to configure other devices to proxy their traffic through your Burp instance. Remember that you’ll have to install the Burp certificate on those devices to monitor their HTTPS traffic. Please note that you need permission from the owner of the device to legally be able to do this and any users should be aware that you’re monitoring their network usage and will be able to see their passwords etc.

The “Binding” tab allows you to set the IP address and port number used by the proxy.

Other proxies, custom certificates, and TLS protocols

The “Request handling” tab allows you to configure a host and port number to where all requests will be redirected to the specified location regardless of what resource they requested. This option is used to forward traffic through another proxy.

“Force TLS” automatically upgrades all web requests to use HTTPS. This option can break some websites if they don’t support HTTPS. “Invisible proxying” enables support for devices that don’t support traditional proxy settings.

The “Request handling” tab allows burp to work with other proxies.

The “Certificate” tab allows you to configure how the HTTPS certificate works. “Generate CA-signed per-host certificates” is the default setting and should generally be used. “Self-signed” certificates will always generate certificate error messages. Specifying a “specific hostname” is only useful when performing invisible proxying to a single domain. If a specific certificate is required, you can import it with the “custom certificate” option.

The “Certificate” tab is used to configure which certificate is presented.

The “TLS Protocols” tab allows you to specify which TLS protocols you want Burp to support. By default, TLSv1-1.3 is supported. You can choose to disable any of those options or enable SSLv2 or SSLv3 if you manually specify the protocols. This should only be used if you want to specifically test a single protocol or can’t connect to a legacy device.

The “TLS Protocols” tab is used to configure which TLS protocols Burp can use to connect.

You Might Also Like

  • What Is Burp Suite?What Is Burp Suite?
  • How to Use Burp Suite RepeaterHow to Use Burp Suite Repeater
  • How to Use Burp Suite DecoderHow to Use Burp Suite Decoder
  • How to Filter the HTTP History in Burp SuiteHow to Filter the HTTP History in Burp Suite
  • How Does Burp Suite’s Intercept Function Work?How Does Burp Suite’s Intercept Function Work?
  • How to Add Websites to Burp Suite’s Target ScopeHow to Add Websites to Burp Suite’s Target Scope
  • How to Import Burp Suite’s HTTPS Certificate in WindowsHow to Import Burp Suite’s HTTPS Certificate in Windows
  • How to Automatically Replace Data in a Web Response With Burp SuiteHow to Automatically Replace Data in a Web Response…
  • How to Configure Burp Suite to Intercept Network TrafficHow to Configure Burp Suite to Intercept Network Traffic

Filed Under: Software

Reader Interactions

Did this help? Let us know! Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Recent Posts

  • WhatsApp 2021: What Features to Expect
  • Troubleshooting Zoom Error 1005
  • Google Duo on Android: How To Enable Data Saving Mode
  • Troubleshooting Zoom Error Code 3113
  • Windows 10: How to Fix Skypebridge.exe Errors
  • Zoom: How to Prevent Chats From Being Muted
  • Zoom: How to Receive Notifications for Messages You’re Following
  • Zoom: How to Configure the Size of Captions

Who’s Behind Technipages?

Baby and Daddy My name is Mitch Bartlett. I've been working in technology for over 20 years in a wide range of tech jobs from Tech Support to Software Testing. I started this site as a technical guide for myself and it has grown into what I hope is a useful reference for all.

Follow me on Twitter, or visit my personal blog.

You May Also Like

  • Proxy Server

© Copyright 2021 Technipages · All Rights Reserved · Privacy