IP: 172.25.200.200

Port: 9005

For this challenge, you’ll need to have Kali Linux open.

Search for Burp Suite and open the application

It will prompt you about the Java version. Just click ok.

Accept the terms and conditions: (Your firstborn will be claimed at some point, but I tend to cross those bridges when I come to them!)

Then we’ll create a temporary project.

Start it up!

At first, the number of tabs and options can be overwhelming. There’s certainly a lot there. Burp is primarily used as a proxy. Instead of sending your web requests directly to a target web server, you’ll send your request to Burp. Burp lets you stop the request, modify anything you want, and then send it to the target.

The first step any time you open Burp is to configure the proxy. Click on the ‘proxy’ tab and find ‘Options’. Deselect the box seen below.

If you look at the top of this window, you’ll see that our proxy will be listening on 127.0.0.1 on port 8080. We deselected a filter there that would exclude certain traffic from being caught by the proxy. We want to catch everything.

Burp ships with a browser preconfigured to use this proxy on localhost:8080. (Any browser with a proxy extension could be configured to use this proxy, but Burp makes it easy for us to open a web browser and start intercepting requests without having to take the extra steps involved with installing a proxy addon within a standalone web browser.)