Stratos Ally

Subscribe
Subscribe
Facebook-square Instagram Linkedin Youtube X-twitter

BurpSuite Proxy Tab – Intercept 

Picture of StratosAlly

StratosAlly

Facebook-square Instagram Linkedin Youtube X-twitter
BurpSuite Dashboard- Part 1

**Note: The content in this article is only for educational purposes and understanding of cybersecurity concepts. It should enable people and organizations to have a better grip on threats and know how to protect themselves against them. Please use this information responsibly.** 

Burp Proxy serves as an intermediary web proxy server, facilitating the examination and alteration of data transmitted between a browser and the applications it accesses. This tool is particularly useful for HTTPS traffic analysis. 

As a crucial element of the Burp Suite, which prioritizes user interaction, the Burp Proxy allows for the forwarding of requests to various tools within the suite. It seamlessly integrates with Burp’s dedicated browser, enabling direct interaction with the application under scrutiny. To initiate Burp’s browser, navigate to the Proxy menu, select Intercept, and then choose Open Browser. By doing so, Burp Proxy will automatically manage the browser’s traffic. 

Intercept Tab 

The Intercept tab under the Proxy section allows you to capture and analyze the HTTP communications between your browser and the server. This feature is instrumental in understanding the website’s response to user actions. 

Here are some practical applications of the intercept function: 

  • Capture a request and alter its contents before it continues to the server. 
  • Forward noteworthy requests to other components within Burp Suite, like the Repeater or Intruder, for in-depth examination. 
  • Cancel a request to stop it from being processed by the server. 

Controls 

Upon capturing a message, the Proxy > Intercept tab is populated with the request’s specifics. At the panel’s upper section, you can view and manually adjust the target server’s details for HTTP requests by selecting the Edit target option. 

The panel is also equipped with several controls: 

  • Forward - Inspect or modify the message, then use the Forward button to dispatch it to the intended target. 
  • Drop - To prevent the request from being transmitted to the target server, select Drop. 
  • Interception is on/off - This switch controls the interception status: 
  • When it indicates Intercept is on, it means messages are being captured. You can set up automatic forwarding for messages by adjusting the interception settings for HTTP and WebSocket communications. 
  • If it reads Intercept is off, Burp Suite will automatically relay all messages. 
  • Action - This button opens the main panel’s context menu, offering various operations like initiating scans or routing requests to other tools within Burp Suite 

Message Options 


The main panel’s message editor displays the message currently being intercepted. Here, you can examine the message and decide on the appropriate actions to take. 

Selecting Action will reveal the context menu, providing access to routine functions. Additionally, for HTTP messages, you have the option to: 

  • Don’t intercept requests/responses - Implement an interception rule to have Burp Suite automatically process messages with certain attributes, like host, file extension, or HTTP status code. This is useful for bypassing repetitive requests or responses that are not of interest. 
  • Do intercept - Use this option to capture the response associated with the request currently on display. This function is exclusive to requests. 

more Related articles

READ ALL