Burp Suite: Intercepting & Modifying HTTP Requests & Responses

Burp Suite is a powerful web application auditor with a huge range of features, from simple to advanced. One of its core features is an intercepting proxy server. This allows us to pass our web traffic through burp suite, allowing us to view and modify both our browsers request before it goes to the remote web server, and the web server’s response before it returns to our browser. A couple common request modifications: Add data to form submissions, modify hidden fields. View and modify browser AJAX data View and edit headers including cookies And a couple of common response modifications: Remove client side JavaScript (usually validations or other limitations) Add or remove cookies sent to the browser First, fire up Burp Suite, and browse to Proxy –> Options: […]