Setting Up Firefox To Work With Burp Suite (HTTP And HTTPS)

Hands-On Application Penetration Testing with Burp Suite

By: Carlos A. Lozano, Dhruv Shah, Ahemed Walikar
Overview of this book

Burp Suite is a set of graphical tools focused on penetration testing of web applications. It is widely used by security professionals for web penetration testing and other web-level security tasks. The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to set up and configure Android and iOS devices to work with Burp Suite. The book explains how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book also covers advanced concepts such as writing extensions and macros for Burp Suite. Finally, you will discover the various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application. By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.

Setting up Firefox to work with Burp Suite (HTTP and HTTPS)

Firefox has been a hacker favorite for quite some time now. This is largely due to a plethora of add-ons that allow you to extend its features and abilities. One of the primary advantages that Firefox has over other browsers in the industry is its ability to use proxy settings that are not tied to the operating system.

Firefox can be set up to use a specific proxy, even if the operating system has a separate system proxy set. This allows various tools that require a separate proxy to be used in conjunction with Firefox, while ensuring that Firefox takes its own separate route.

Remember, no browsers, including Firefox, have separate proxy settings for the private/incognito mode.

To set up proxy options in Firefox, take the following steps:

  1. On Windows, click on the three dashes in the top-right corner of any tab and select Options from the menu. On Linux and OS X systems, the option to select is called Preferences.
  2. Scroll right to the...
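
The same Firefox-only proxy configuration can be applied without the GUI by writing a `user.js` file into a dedicated profile. This is an added example, not code from the book; the listener address `127.0.0.1:8080`, the function name `write_proxy_profile` and the profile path are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: build a dedicated Firefox profile whose proxy prefs point at an
# intercepting proxy, independent of the operating system's proxy settings.
# Assumptions: listener address/port and profile path are illustrative.

# write_proxy_profile DIR [HOST] [PORT]
# Writes DIR/user.js; Firefox re-applies user.js prefs each time the profile starts.
write_proxy_profile() {
    dir=$1
    host=${2:-127.0.0.1}
    port=${3:-8080}

    [ -n "$dir" ] || { echo "usage: write_proxy_profile DIR [HOST] [PORT]" >&2; return 2; }

    # Reject anything that is not a decimal TCP port in 1..65535.
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "invalid port: $port" >&2; return 1; }

    # The host lands inside a JS string literal; allow only hostname/IP characters.
    case $host in
        ''|*[!A-Za-z0-9.:-]*) echo "invalid host: $host" >&2; return 1 ;;
    esac

    mkdir -p "$dir" || return 1
    cat > "$dir/user.js" <<EOF
// Generated for proxied testing; applies to normal and private windows alike.
user_pref("network.proxy.type", 1);             // 1 = manual proxy configuration
user_pref("network.proxy.http", "$host");
user_pref("network.proxy.http_port", $port);
user_pref("network.proxy.ssl", "$host");        // HTTPS requests use the same listener
user_pref("network.proxy.ssl_port", $port);
user_pref("network.proxy.no_proxies_on", "");   // empty bypass list
EOF
}

# Example (not run automatically):
#   write_proxy_profile "$HOME/ff-proxy-profile" 127.0.0.1 8080
#   firefox -no-remote -profile "$HOME/ff-proxy-profile"
```

Keeping the proxied configuration in its own profile leaves the everyday browsing profile and the system proxy untouched.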