Signup/Sign In

Intercept Browser traffic in BurpSuite Proxy

Posted in Internet Security   MAY 26, 2023

    Ever wondered how we can play browser network traffic using Burp Suite? Well, we've got you covered with some easy steps to get you started. Let's dive right in!

    Here are some easy steps to intercept browser network traffic in BurpSuite:

    Step 1: Download and Install Burp Suite Proxy

    • Download latest version of Burp Suite Community Edition (no license required) from the official website:
    • Double-click on the executable file to install it.

    Step 2: Install FoxyProxy in browser

    Step 3: Configure Burp Suite

    • Launch Burp Suite CE on your machine with temporary project and with default settings.
    • Go to the “Proxy” tab in Burp Suite and click on the “Proxy settings” sub-tab.
    • Note the “Proxy listener” settings (e.g., Proxy listener address:, Proxy listener port: 8080).
    • Burp Suite Proxy Listener Settings

    Step 4: Configure FoxyProxy to use Burp Proxy

    • Open the FoxyProxy extension/add-on in your browser.
    • Click on the FoxyProxy icon and select “Options” or “Manage FoxyProxy” (exact option may vary).
    • Click on “Add New Proxy” or “New Proxy” to create a new proxy configuration.
    • Enter a name for the proxy (e.g., Burp Proxy).
    • In the “Proxy Details” section, enter the following:
      • Proxy Type: HTTP
      • IP address: (or the address specified in Burp Suite)
      • Port: 8080 (or the port specified in Burp Suite)
    • Save the proxy configuration.

    Burp Suite Proxy setup in Foxy Proxy

    Step 5: Enable FoxyProxy with Burp Suite Proxy

    • In the FoxyProxy extension/add-on, select the proxy configuration you created (e.g., Burp Suite Proxy).
    • Activate the proxy configuration by clicking on the FoxyProxy icon and selecting the proxy configuration you created.

    Enable Burp Suite Proxy in Foxy Proxy

    Step 6: Intercept HTTPS traffic

    Most of the website, we use on the internet have HTTPS (HTTP Secure) which is an SSL certificate is attached to allow communicating securely. When burp suite comes in between the browser and server, the browser refuses to connect and gives a warning.

    To solve this, we have to add a self-signed certificate from Burp Suite to trusted authority in the browser:

    1. Once, you configure FoxyProxy to use Burp proxy, Go to http://burp/.
    2. Click on the CA Certificate button (in the top right corner) to download the Burp CA certificate.Burp Suite CA cert download from http://burp/
    3. Open your browser and go to Settings > Security > Certificates.
    4. Click on the View Certificates button.
    5. Firefox / librewolf view security certificates
    6. Make sure you are on the Authority tab
    7. Import self signed CA certificate in firefox / librewolf browser
    8. Click on the Import button and select the Burp CA certificate that you downloaded in step 2.
    9. Import self signed CA certificate in firefox / librewolf browser
    10. Restart your browser.

    Once you have completed these steps, your browser will trust the self-signed certificate from Burp Suite. You will now be able to use Burp Suite to intercept and modify traffic from HTTPS websites.

    Step 7: Verify Interception in Burp Suite Proxy

    • Go back to Burp Suite Proxy and ensure that the “Intercept” tab is active.
    • Start browsing the web in your browser.
    • Burp Suite Proxy should now intercept the traffic between your browser and the websites you visit.

    Burp Suite Proxy intercepting HTTPS traffic

    Hope you found this article helpful while configuring browser and Burp Suite to intercept and manipulate HTTP and HTTPS network traffic.

    Hack for good!!

    About the author:
    Pradeep has expertise in Linux, Go, Nginx, Apache, CyberSecurity, AppSec and various other technical areas. He has contributed to numerous publications and websites, providing his readers with insightful and informative content.