Burp Suite is a GUI based tool for performing security testing of web applications. This tool contains a proxy server which let the user to intercept and manipulate the communication between the client and server. Other than the interception proxy this tool also contains many other features which are helpful when performing web application penetration testing. This tool is developed and maintained by PortSwigger Web Security.
Burp Suite has three editions. A community edition that can be downloaded free of charge. A professional and an Enterprise edition that can be purchased after a trial period.
In this article I’m going to show you how to install and configure burp suite community edition on your Ubuntu machine. There are two ways to install burp in your Linux machine.
- Using the standalone Java executable file (.jar)
- Using the Linux installer (.sh)
Installing Burp Suite Using The Standalone Java Executable File.
- First we need to make sure we have java installed in our Linux machine. Use the following command in your terminal to check that.
After you run the above the command your terminal should respond with the java version installed in your Linux machine. If you don’t have java installed make sure to install java by entering the following the command in your terminal.
sudo apt-get install openjdk-8-jre
- Now go ahead and download the .jar file of burp suite from the Portswigger website
- After downloading the file move the downloaded .jar file to wherever you want to keep it. For example i’m used to keep my optional software and packages in my /opt directory.
- Change the file permission of the .jar file to execute it as a normal user by entering the following command in your terminal.
chmod +x burpsuite_community_v1.7.36.jar
- Execute the .jar file using the following command.
Installing Burp Suite Using The Linux Installer
- Download the installer file from the Portswigger website.
- Run the installer using the following command.
- Now, Burp Suite Setup Wizard Will Appear.
- Complete the wizard and you are good to go.
- After Completing the setup wizard, search for “Burp Suite” (without quotes) in Ubuntu search. (You can get the Ubuntu search by pressing windows key + S in your keyboard)
Configuring Burp To Work With Your Browser
- First you need to confirm that burp proxy is active and working. To check that open burp and navigate to Proxy > Options and look in the Proxy listeners section.
You should see a table entry in the Proxy listener section as shown in the above image. Also make sure that the checkbox in the running column is ticked. If you get any problems when setting up the proxy, check out the help documentation on Proxy Listeners.
- Now you need to set up your browser to use burp proxy as its HTTP proxy. To do this you need to change your browser’s proxy settings.
- In Firefox, Go to Firefox menu and click on “Preferences” / “Options”
- Select the General Tab and scroll down to the end of general tab.
- At the end you will see the “Network Proxy” settings. Click on settings button.
- Select the “Manual proxy configuration” option.
- Enter your Burp Proxy listener address and the Burp Proxy listener port in the “HTTP Proxy” field (by default this is set to 127.0.0.1 8080).
- Make sure the “Use this proxy server for all protocols” box is checked.
- Delete anything that appears in the “No proxy for” field.
- Now click “OK” to close all of the options dialogs.
OK. That’s it for this tutorial. Thanks you for reading. Hope you enjoyed and learned something new. Feel free to leave feedback below, good or bad. How can we improve? What kind of tutorials would you like to see? Let us know in the comments! See you from the next tutorial.