rce-serialization-dotnet

Install and Configure Burp Suite Community Edition

This section covers how to install Burp Suite and configure it for use with a proxy and certificate.

Install and Launch Burp Suite

  1. Download and install Burp Suite Community Edition. This also requires user registration at PortSwigger.

  2. Launch Burp Suite. Community Edition allows only an in-memory project. Click Next.

  3. Leave Use Burp Defaults selected and click Start Burp.

Configure Proxy

  1. Add the FoxyProxy Basic browser add-in to your preferred browser.

  2. Launch FoxyProxy Basic.

  3. Select Options.

  4. Add a proxy with the following settings and click Save.

    Setting   Value      Description
    Title     Hackerz    Name of the proxy
    Hostname  127.0.0.1  Local host
    Port      8080       Default port for Burp Suite

  5. Enable the Hackerz Proxy. Browsing any non-local site will result in a “No Internet” connection error until Burp Suite is started. Select Disable when done with Burp Suite.

Configure the Burp Suite Certificate

  1. Return to the browser with FoxyProxy Basic enabled and navigate to http://burpsuite.

  2. Click CA Certificate. Save the certificate locally.

  3. Right-click on the certificate in Windows Explorer and select Install Certificate.

  4. Leave Current User selected and click Next.

  5. Select Place all certificates in the following store, click Browse and select the Trusted Certificate Authorities store. Click Next.

  6. Click Finish.
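
The PowerShell script below is an added example, not part of the original guide. Saved as a .ps1 file, it checks that the certificate installed in steps 3 to 6 is the one downloaded in step 2, lists other trusted CA certificates with the same subject, and confirms the proxy listener from the settings above is up. The cacert.der path is an assumption; the -Remove switch is a hypothetical parameter of this script for cleaning up when done with Burp Suite.

```powershell
# Added example, not from the original guide.
# Assumption: the CA certificate was saved as cacert.der in Downloads.
param(
    [string]$CertPath  = "$env:USERPROFILE\Downloads\cacert.der",
    [string]$ProxyHost = '127.0.0.1',   # proxy settings from the guide
    [int]$ProxyPort    = 8080,
    [switch]$Remove                     # pass -Remove when done with Burp Suite
)

# Load the downloaded file; its thumbprint identifies this Burp installation's CA.
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($CertPath)
"Subject    : $($cert.Subject)"
"Thumbprint : $($cert.Thumbprint)"
"Expires    : $($cert.NotAfter)"

# Look for exactly that certificate in the current user's trusted root store.
$storeItem = "Cert:\CurrentUser\Root\$($cert.Thumbprint)"
$installed = Test-Path -Path $storeItem

if ($Remove) {
    if ($installed) {
        Remove-Item -Path $storeItem
        "Removed the CA from CurrentUser\Root."
    } else {
        "CA not present in CurrentUser\Root; nothing to remove."
    }
    return
}

"Installed in CurrentUser\Root : $installed"

# Certificates with the same subject but another thumbprint were trusted earlier
# (for example from a previous Burp installation) and are candidates for cleanup.
$stale = Get-ChildItem -Path Cert:\CurrentUser\Root |
    Where-Object { $_.Subject -eq $cert.Subject -and $_.Thumbprint -ne $cert.Thumbprint }
foreach ($old in $stale) {
    "Other trusted CA with same subject: $($old.Thumbprint) (expires $($old.NotAfter))"
}

# Confirm the Burp proxy listener is accepting connections.
$tcp = Test-NetConnection -ComputerName $ProxyHost -Port $ProxyPort -WarningAction SilentlyContinue
"Proxy listening on ${ProxyHost}:$ProxyPort : $($tcp.TcpTestSucceeded)"
```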

Confirm Proxy Capture in Burp Suite

  1. Return to the browser with FoxyProxy Basic enabled and navigate to https://demo.owasp-juice.shop/ or http://localhost:88 if running the container.

  2. Return to Burp Suite and navigate to the Proxy > HTTP history tab. This shows the captured requests and is the starting point for penetration testing.
