How to install Burp Suite on Windows and configure it using FoxyProxy, including installing the CA certificate

By /

Step 1: Download and Install Burp Suite

  1. Download Burp Suite:
  2. Install Burp Suite:
    • Run the downloaded installer and follow the installation wizard to install Burp Suite.

Step 2: Install FoxyProxy Extension

  1. Install FoxyProxy for Firefox:
    • For Firefox, go to the Mozilla Add-ons site and search for “FoxyProxy Standard”. Click “Add to Firefox” and then “Add”.

Step 3: Configure Burp Suite

  1. Open Burp Suite:
    • Launch Burp Suite from the Start menu or desktop shortcut.
  2. Set Up Burp Proxy Listener:
    • Go to the “Proxy” tab and then the “Options” sub-tab.
    • Under “Proxy Listeners”, click “Add”.
    • Ensure the interface is set to 127.0.0.1 and the port is 8080 (default). Click “OK”.

Step 4: Configure FoxyProxy

  1. Open FoxyProxy Settings:
    • Click on the FoxyProxy icon in your browser toolbar.
    • Select “Options” to open the FoxyProxy settings.
  2. Add a New Proxy:
    • Click “Add New Proxy” or “Add” (depending on the version).
    • Fill in the details as follows:
      • Title/Description: Burp Suite
      • Proxy Type: HTTP
      • Proxy IP Address/Hostname: 127.0.0.1
      • Port: 8080
    • Click “Save”.
  3. Enable the Proxy:
    • In FoxyProxy, set the newly created proxy (Burp Suite) to be used for all URLs or specific patterns as needed.
    • Ensure the proxy is enabled.

Step 5: Install Burp Suite’s CA Certificate

  1. Download the CA Certificate:
    • In Burp Suite, go to the “Proxy” tab and then the “Intercept” sub-tab.
    • Ensure “Intercept is off” for now.
    • In your browser, navigate to http://burp or http://burp/cert.
    • Download the CA certificate.

For Firefox:

  1. Open Firefox Settings:
    • Click on the three horizontal lines in the top-right corner of Firefox, then go to “Settings”.
  2. Navigate to Certificates:
    • Go to the “Privacy & Security” tab on the left.
    • Scroll down to the “Certificates” section and click on “View Certificates”.
  3. Import the CA Certificate:
    • Go to the “Authorities” tab and click on “Import”.
    • Select the downloaded Burp Suite CA certificate file.
    • When prompted, check the box for “Trust this CA to identify websites” and click “OK”.

Step 6: Verify the Configuration

  1. Restart the Browser:
    • Close and reopen your browser.
  2. Enable Interception:
    • Go back to Burp Suite, ensure “Intercept is on”.
  3. Test HTTPS Interception:
    • Visit an HTTPS website in your browser. You should see the traffic being intercepted by Burp Suite.

Troubleshooting Tips

  • Ensure you have installed the CA certificate correctly and trusted it for identifying websites.
  • Double-check the proxy settings in FoxyProxy to ensure they are configured correctly.
  • Make sure Burp Suite’s proxy listener is active and running on 127.0.0.1:8080.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top