Burp Suite: Difference between revisions

From charlesreid1
Line 40: Line 40:
sudo apt-get -y upgrade jarwrapper
sudo apt-get -y upgrade jarwrapper
</pre>
</pre>
=Links=
==Official Tutorials==
Tutorial 1: intercepting HTTP traffic: https://portswigger.net/burp/documentation/desktop/getting-started/intercepting-http-traffic
* Burp Proxy lets you intercept HTTP requests and responses sent between your browser and the target server
* Enables studying behavior of websites when different requests are sent
* Open BurpSuite and go to Proxy > Intercept
* Click Open Browser, which opens a built-in, embedded browser


=Flags=
=Flags=

Revision as of 20:01, 2 March 2022

Installing

Mac

Use the Mac installer provided by portswigger: https://portswigger.net/burp/communitydownload

Debian Linux

Dependencies

The jarwrapper library is required to install burpsuite: 

sudo apt-get install jarwrapper

Installing burpsuite with KaliTools

Use KaliTools to install burpsuite on a non-Kali machine: 

cd kali-tools
python3 kali.py burpsuite
cd dist/burpsuite
dpkg-buildpackage -us -uc -b
cd ../
sudo dpkg -i burpsuite_1.7.30-0kali1_all.deb
sudo apt-get upgrade burpsuite

Incompatible JRE

Ran into a problem with the Burp Suite community edition:

"Your JRE appears to be version 11.0.14 from Debian. Burp has not been fully tested on this platform and you may experience problems."

I used aptitude to install the openjdk-11-jre package, and that's the package causing the above error. It seemed like it should have been working fine. I tried upgrading jarwrapper, and that did the trick: 

sudo apt-get -y upgrade jarwrapper

Links

Official Tutorials

Tutorial 1: intercepting HTTP traffic: https://portswigger.net/burp/documentation/desktop/getting-started/intercepting-http-traffic

  • Burp Proxy lets you intercept HTTP requests and responses sent between your browser and the target server
  • Enables studying behavior of websites when different requests are sent
  • Open BurpSuite and go to Proxy > Intercept
  • Click Open Browser, which opens a built-in, embedded browser

Flags


Defcon.png
Kali Linux
"The quieter you become, the more you are able to hear."

Penetration testing Linux distribution.


Kali  · Category:Kali

Kali/Wireless Reboot


Kali Software:

Kali Tools

Kali Top 10

Aircrack  · Wireshark  · John the Ripper  · Nmap  · Metasploit Framework

Dsniff  · Tcpdump  · Hydra  · Sqlmap  · Burpsuite  · Commix

Dirbuster  · Valgrind


Attack Workflow:

Kali/Workflow

1 Physical Attacks: Kali/Layer 1 Attacks

2 Data/MAC Attacks: Kali/Layer 2 Attacks

3 Network Attacks: Kali/Layer 3 Attacks

4 Transport Attacks: Kali/Layer 4 Attacks

5 Session Attacks: Kali/Layer 5 Attacks

6 Presentation Attacks: Kali/Layer 6 Attacks

7 Application Attacks: Kali/Layer 7 Attacks


Red Team Blue Team

Metasploitable - Red Team

Metasploitable - Blue Team


Networking:

Kali/Hotspot  · Kali/OpenVPN  · Kali/OpenVPN/Hotspot  · Kali/OpenVPN/PIA

Kali/IPv6


Booting:

Kali/Dual Boot OS X  · Kali/Live USB  · Kali/Persistent USB


Installing:

Kali/Installing  · Kali/Post Install  · Kali/Fixes


Kali on Raspberry Pi:

Kali Raspberry Pi  · Kali Raspberry Pi/Installing  · Kali Raspberry Pi/Headless  · Kali Raspberry Pi/Post-Install


Category:Security  · Category:Wireless  · Category:Passwords  · Category:Man in the Middle

Flags  · Template:KaliFlag  · e




Retrieved from "https://charlesreid1.com/w/index.php?title=Burp_Suite&oldid=28987"