How Do I... Burp Suite Web Proxy

Posted by interlockroc on Thu 01 October 2015

We'll be continuing our seminar series showing the basics of various tools for each of Interlock's interest groups. In October, we'll have our first How Do I (HDI) related to security -- Burp Suite.

Burp Suite is an HTTP/HTTPS proxy tool that can help you better understand how a web application works. Designed for security, it allows anyone to man-in-the-middle(MITM) web traffic, learn how a web application works, and manipulate the traffic to see how the application responds. Uses include:

- debugging your web application to find why it doesn't work
- identifying and exploiting security vulnerabilities
- using it to inspect mobile traffic
- answering the question ... "I wonder how that works"

The seminar will start with a basic presentation about the Burp Suite tools which is provided free to download.[0] The class will walk through identifying vulnerabilities in a demo web site. All attendees are expected to bring a laptop (Linux, OSX, or Windows) or coordinate borrowing one before the workshop. If you have the ram to support it, it's also recommended you run Vmware Player / Workstation / Fusion on your system.

If you're interested, please RSVP on the meetup site below. As always, the workshop is open to the public for free. Please consider dropping a few dollars in the donation bucket.