Welcome to watch this tutorial. This tutorial will be updated on June 2, 2023. It will solve all the problems in the installation process of Brup_Suite and ensure that you can install and use it.
Table of contents
2. Download and install Brup_Suite
Three, configure the JAVA environment
Five, BurpSuite function module introduction
1. Introduction to Brup_Suite
Burp Suite is an integrated platform for attacking web applications. It contains many Burp tools. These different Burp tools work together to effectively share information and support attacks based on information in one tool for use by another tool.
It is mainly used for security penetration testing, and can implement interception requests, Burp Spider crawlers, vulnerability scanning (paid) and other functions similar to Fiddler and Postman but more powerful than them.
We also use this tool when doing web security testing.
2. Download and install Brup_Suite
Baidu Netdisk: Full set of latest version link: https://pan.baidu.com/s/1IUHUtqsWMQVyhVrh65kE2g
Extraction code: 1111
Official website download: Burp Suite Release Notes
Note: It cannot be placed in the Chinese directory, otherwise it will not run
Three, configure the JAVA environment
Here the wooden man will explain in detail: When the wooden man installed Brup_Suite, he encountered java and was very dependent on the Java environment. I used version 17.0.5
Configure the JAVA environment: https://blog.csdn.net/qq_59344199/article/details/128023120
Fourth, configure Brup_Suite
1. After downloading and decompressing, run it through the registration machine
2. After opening, click run to run
3. Copy Key to BurpSuite
4. Select manual activation when done
5. Perform manual activation ( see the serial number operation )
6. Done
This completes the configuration and your license has been successfully installed and activated.
7. A launcher is provided here
Create a text document in the directory and copy the data in the text box next to the registry Run
8. Paste the copied data into the text box, then save it, change the suffix of the text file to bat, then send the shortcut to the desktop, double-click to start
Five, BurpSuite function module introduction
➢ Dashboard: Dashboard, scan start, pause, used to display tasks, log information, etc.
➢Target: Set the target range (URL) of the work, as well as message filtering, message display and other functions
➢Proxy: a proxy server that intercepts HTTP/s requests, acts as a middleman between web browsers and servers, allowing interception and modification of data streams
➢Tester: Intrusion function, attacking web applications, exploiting vulnerabilities, fuzzing web applications, brute force cracking, etc.
➢Retransmitter: Manually trigger word HTTP requests and analyze application response packets
➢Sequencer: session module, a tool for analyzing the randomness of those unpredictable application session tokens and important data.
➢Decoder: It is a tool for manual execution or intelligent decoding and encoding of application data.
➢Comparator: compare modules and perform differential analysis on data
➢Plug-in extension: BP extension modules and third-party codes can be loaded
➢Setting module: you can set project, user and other information
6. Start using
In order to make it easier for everyone to understand, the wooden man here uses the Chinese version to show you
1. Here you can choose to delete or leave
2. Create a project
3. Enter the interface after completion
4. Let's export the certificate first
Setting proxy
The burp suite proxy tool intercepts all network traffic passing through the proxy, such as the client’s request data and the server’s return information, etc. by intercepting the proxy. Burp suite mainly intercepts the traffic of HTTP and HTTPS writing protocols. Through interception, Burp performs various processing on the request data of the client and the return information of the server in the way of a middleman, so as to achieve the purpose of security testing.
In daily work, the most commonly used web client is the web browser. We can intercept the traffic of the web browser by setting the proxy information, and process the traffic data passed through the burp proxy. After burp is running, the default local proxy port of Burp Proxy is 8080. As shown in the picture:
5. Choose where to save the certificate
PS: Pay attention! Notice! Notice! , the exported certificate name must have a suffix, otherwise it will not be recognized
6. After the export is successful, just close it directly, as follows:
The certificate is saved to our desktop
7. Then we open the Firefox browser (Firdox browser), configure the network and certificate
Firefox browser download
Baidu network disk download: https://pan.baidu.com/s/1Qo3HAQbdmrEs28TsgDMRYA
Extraction code: 1111
Download from the official website: Firefox Firefox browser - brand new, safe and fast | Official latest download
Settings - General - Network Settings
8. Configure the proxy
9. After the completion, we start to import the certificate
Privacy and Security - View Certificate
10. After the completion, let's not rush to the browser
11. Set here first
In this way, we can open the Firefox browser again to access normally!
At this point, Brup_suite is installed. For specific operations, you can refer to other materials to learn
If there is any problem, welcome to leave a message to the wooden man. If you like the wooden man, you can pay attention to it!
Finally, I wish you all the best on the computer road! ! !
Finally, I wish you all the best on the computer road! ! !
Finally, I wish you all the best on the computer road! ! !