login

Burp Suite, the leading toolkit for web application security testing

Intercepting Requests and Responses

The Intercept tab is used to display and modify HTTP requests and responses that are passing between your browser and web servers. The ability to monitor, intercept and modify all HTTP messages is a core part of Burp's user-driven workflow. In Burp Proxy's options, you can configure interception rules to determine exactly what requests and responses are stalled for interception (for example, in-scope items, items with specific file extensions, requests with parameters, etc.).

Controls

When an intercepted HTTP message is being displayed, the details of the destination server (protocol, hostname, port and IP address) are shown at the top of the panel. The panel also contains the following controls:

Note: You can also use hotkeys to forward or drop intercepted messages. By default, Ctrl+F is used to forward the current message. You can modify the default hotkeys in the suite options.

Message Display

The main panel of the Intercept tab contains an HTTP message editor that shows the currently intercepted message, allowing you to analyze the message and perform numerous actions on it.

The editor context menu contains numerous useful items. In addition to the standard functions provided by the editor itself, the following actions are available:

User Forum

Get help from other users, at the Burp Suite User Forum:

Visit the forum ›

Monday, October 8, 2012

v1.5rc3

This release fixes a bug which was introduced in the v1.5rc2 release, and which caused the active scan checks for XSS to fail to execute in some situations

See all release notes ›

Copyright © 2012 PortSwigger Ltd. All rights reserved.