🔀Web Proxies

Burp Suite

java -jar </path/to/burpsuite.jar>

Note: In case we wanted to serve the web proxy on a different port, we can do that in Burp under (Proxy>Options). We must ensure that the proxy configured in Firefox uses the same port.

Tip: If you prefer to use to a dark theme, you may do so in Burp by going to (User Options>Display) and selecting "dark" under (theme).

OWASP Zed Attack Proxy (ZAP)

sudo apt install zaproxy
https://www.zaproxy.org/download/
java -jar </path/to/zap>
zaproxy

Note: In case we wanted to serve the web proxy on a different port, we can do that in in ZAP under (Tools>Options>Local Proxies). We must ensure that the proxy configured in Firefox uses the same port.

Tip: If you prefer to use to a dark theme, you may do so in ZAP by going to (Tools>Options>Display) and selecting "Flat Dark" in (Look and Feel).

Foxy Proxy

Proxy Setup

Go to the options page, click on add on the left pane, and then use 127.0.0.1 as the IP, and 8080 as the port, and name it Burp or ZAP.

Installing CA Certificate

Burp Suite

https://portswigger.net/burp/documentation/desktop/external-browser-config/certificate/ca-cert-firefox

ZAP

To get ZAP's certificate, we can go to (Tools>Options>Dynamic SSL Certificate), then click on Save

Intercepting Responses

Burp Suite

Enable response interception

Proxy > Options
Intercept Server Responses > Intercept Response (enable)
CTRL + Shift + R to force a full refresh for the browser

find / -type f -name *.txt

%3Bfind+/+-type+f+-name+%2Atxt%3B

PreviousWPSCAN NextLog Poisoning

Last updated 3 years ago