LabEx
Log InJoin Free

Configure Initial Proxy Listener in Burp Suite

Beginner
Practice Now

Introduction

Welcome to this lab on configuring the initial proxy listener in Burp Suite. Burp Suite is a powerful platform for performing security testing of web applications. One of its core components is the Burp Proxy, which acts as an intermediary between your browser and the target web application.

The proxy listener is the specific component that listens for incoming connections from your browser. Before you can start intercepting and analyzing web traffic, you must ensure the proxy listener is correctly configured and running.

In this lab, you will learn the fundamental first steps of working with Burp Suite: launching the application, creating a project, and inspecting the default proxy listener configuration.

Launch Burp Suite Community Edition

In this step, you will launch Burp Suite Community Edition. Although it is a graphical user interface (GUI) application, we will start it from the terminal. This allows us to see any potential output or errors during startup.

First, open a terminal from the application menu. The terminal will open in the default directory, /home/labex/project.

Now, run the following command to start Burp Suite. The & symbol at the end runs the application in the background, which frees up your terminal for other commands.

burpsuite &

After a few moments, you will see the Burp Suite splash screen, followed by a startup dialog window.

Create a Temporary Project

In this step, you will create a temporary project in Burp Suite. When Burp Suite starts, it first asks you how you want to handle project data.

You will see a dialog box with options for the project. For this lab, we don't need to save our work, so a temporary project is sufficient.

  1. In the startup dialog, ensure that Temporary project is selected.
  2. Click the Next button.
  3. The next screen asks about the project configuration. We will use the default settings. Ensure Use Burp defaults is selected.
  4. Click the Start Burp button.

After clicking, the main Burp Suite window will open, presenting you with the main dashboard. You are now ready to start using the tool.

Navigate to the Proxy > Options Tab

In this step, you will navigate to the Proxy Options tab to view the listener settings. This is where all proxy-related configurations are managed.

Once Burp Suite is fully loaded, you will see the main window with a series of tabs at the top.

  1. Look for the row of tabs at the top of the window: Dashboard, Target, Proxy, Intruder, etc.
  2. Click on the Proxy tab.
  3. Within the Proxy tab, there are several sub-tabs: Intercept, HTTP history, WebSockets history, and Options. Click on the Options sub-tab.

You are now in the Proxy Options screen. The first section you'll see is "Proxy Listeners," which is the focus of our next step.

Verify the Default Proxy Listener on 127.0.0.1:8080

In this step, you will verify that Burp Suite has a proxy listener running by default.

In the "Proxy Listeners" panel, you will see a table. By default, Burp Suite automatically creates and activates a listener on the loopback interface. You should see an entry with the following details:

  • Interface: 127.0.0.1:8080

This configuration means that Burp's proxy is listening for connections on port 8080, but only from the local machine (127.0.0.1 or localhost). This is a secure default, as it prevents other computers on the network from connecting to your Burp instance.

To confirm this from the command line, you can use the ss (socket statistics) command to check for listening ports. In your terminal, run the following command:

ss -ltn | grep 8080

You should see output indicating that a service is listening on port 8080.

LISTEN 0      50         127.0.0.1:8080      0.0.0.0:*

This confirms that the Burp Suite proxy listener is active and ready to accept connections.

Understand the 'Running' Checkbox for the Listener

In this step, you will learn how to enable and disable the proxy listener using the 'Running' checkbox in the Burp Suite UI. This is useful when you want to temporarily stop intercepting traffic without shutting down Burp Suite entirely.

  1. Go back to the Burp Suite window, in the Proxy > Options tab.
  2. Locate the checkbox in the "Running" column for the 127.0.0.1:8080 listener. It should currently be checked.
  3. Uncheck the box. The listener is now stopped.

To verify this, run the ss command again in your terminal:

ss -ltn | grep 8080

This time, the command should produce no output, because nothing is listening on port 8080.

Now, let's re-enable it.

  1. Go back to Burp Suite and check the "Running" box again. The listener will immediately restart.
  2. Run the ss command one last time to confirm it's active again.
ss -ltn | grep 8080

You should see the LISTEN state again, confirming the listener is back online.

LISTEN 0      50         127.0.0.1:8080      0.0.0.0:*

Summary

In this lab, you successfully launched Burp Suite Community Edition and explored its initial configuration.

You learned how to create a temporary project, navigate to the Proxy > Options tab, and verify the default proxy listener on 127.0.0.1:8080. You also practiced enabling and disabling the listener using the "Running" checkbox, a crucial skill for managing traffic interception.

This foundational knowledge is essential for setting up Burp Suite to intercept and analyze web traffic in future security testing scenarios.