Introduction
Burp Suite is a powerful platform for performing security testing of web applications. One of its most fundamental tools is the Burp Proxy, which allows you to intercept, inspect, and modify traffic between your browser and a web server.
In this lab, you will learn the basic workflow of using Burp Proxy. You will enable interception mode, make a request from a web browser, view the captured HTTP request in Burp Suite, and then forward it to the destination server. This skill is the foundation for nearly all web application testing tasks performed with Burp Suite. The lab environment has Burp Suite and a pre-configured browser ready for you to use.
Enable Intercept Mode in the Proxy > Intercept Tab
In this step, you will launch Burp Suite and enable the interception feature, which is the first step to capturing web traffic.
First, launch the Burp Suite application. You can find its icon on the desktop.
- Double-click the Burp Suite Community Edition icon on the desktop.
- A dialog box titled "Project" may appear. Select Temporary project and click Next.
- Another dialog box "Burp configuration" may appear. Select Use Burp defaults and click Start Burp.
Once Burp Suite has loaded, you need to navigate to the Proxy tool and enable interception.
- Click on the Proxy tab at the top of the window.
- Within the Proxy tab, make sure you are on the Intercept sub-tab.
- You will see a button that says Intercept is off. Click this button to enable interception.
The button's text will change to Intercept is on, and it will appear pressed in. This indicates that Burp Proxy is now ready to capture any requests made by the configured browser.
Make a Request in Your Browser
Now that interception is enabled in Burp Suite, you will make a request from the web browser. Burp Proxy will capture this request before it reaches the server. The browser in this lab environment is already configured to send its traffic through Burp Proxy.
- Open the Firefox web browser. You can find its icon on the desktop or in the application panel.
- In the address bar at the top of the browser, type the following URL and press Enter:
http://127.0.0.1:8000
After you press Enter, you will notice that the browser tab shows a loading icon, but the page does not load. This is the expected behavior. The request has been sent from the browser but is now "stuck" in Burp Proxy, waiting for you to inspect and forward it.
View the Intercepted Request in Burp Suite
In this step, you will switch back to Burp Suite to view the HTTP request that you just made from the browser.
Return to the Burp Suite window. The Proxy > Intercept tab, which was previously empty, now contains the full HTTP request that your browser sent.
You will see the raw request text, which looks something like this:
GET / HTTP/1.1
Host: 127.0.0.1:8000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Take a moment to examine the different parts of the request:
- Request Line: GET / HTTP/1.1 shows the method, the path, and the HTTP version.
- Headers: Lines like Host and User-Agent provide additional information to the server about the request and the client making it.
- Body: For a GET request like this one, the body is empty.
This view is critical for understanding and manipulating how a web application works.
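The three parts described above can be separated programmatically. The following Python sketch is an added example, not part of the original lab or of Burp Suite; the function names parse_request and header_values are hypothetical, and the sample request is an abbreviated copy of the one shown in this step.

```python
# Constructed sample: the lab's intercepted request, abbreviated, with wire-format CRLFs.
RAW_REQUEST = (
    "GET / HTTP/1.1\r\n"
    "Host: 127.0.0.1:8000\r\n"
    "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0\r\n"
    "Accept-Encoding: gzip, deflate\r\n"
    "Connection: keep-alive\r\n"
    "Upgrade-Insecure-Requests: 1\r\n"
    "\r\n"
)


def parse_request(raw: str) -> dict:
    """Split a raw HTTP/1.1 request into request line, headers and body."""
    # Accept CRLF (on the wire) and LF (text pasted from an editor).
    text = raw.replace("\r\n", "\n")  # simplification: also normalizes the body
    head, _, body = text.partition("\n\n")  # blank line ends the headers
    lines = head.rstrip("\n").split("\n")

    # Request line: method, path and version separated by single spaces.
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError(f"malformed request line: {lines[0]!r}")
    method, path, version = parts

    # Headers: keep order and duplicates; reject whitespace around the name.
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers.append((name, value.strip()))

    return {"method": method, "path": path, "version": version,
            "headers": headers, "body": body}


def header_values(request: dict, name: str) -> list:
    """Header names are case-insensitive; return every matching value."""
    return [v for n, v in request["headers"] if n.lower() == name.lower()]


if __name__ == "__main__":
    req = parse_request(RAW_REQUEST)
    print(req["method"], req["path"], req["version"])
    print("Host:", header_values(req, "host"), "body length:", len(req["body"]))
```

Headers are kept as an ordered list of pairs rather than a dictionary so that repeated header names, which are legal in HTTP, are not silently collapsed.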
Click the 'Forward' Button to Send the Request to the Server
After inspecting the request, the next action is to allow it to continue to its intended destination, which is our local web server.
In the Proxy > Intercept tab in Burp Suite, you will see several buttons at the top of the request panel: Forward, Drop, Action, etc.
- Click the Forward button.
After you click Forward, the request will disappear from the Intercept view. Burp Suite has now sent the request to the server at 127.0.0.1:8000.
Now, switch back to your Firefox browser. The page should now load, and you will see the text "Welcome to the LabEx Test Page!". This confirms that the request was successfully forwarded to the server, and the server's response was sent back to and rendered by the browser.
Disable Intercept Mode to Allow Traffic to Flow Freely
Finally, you will learn how to disable intercept mode. It is crucial to turn off interception when you are not actively inspecting traffic; otherwise, all your browsing will be blocked.
- Return to the Burp Suite window and ensure you are on the Proxy > Intercept tab.
- Click the Intercept is on button.
The button's text will change back to Intercept is off, and it will no longer appear pressed. Now, Burp Proxy will allow all traffic to pass through without stopping for inspection.
To confirm this, return to the Firefox browser and refresh the page (you can press F5 or the reload button). The page will reload instantly, without any delay, because the request is no longer being held by Burp Suite.
Summary
In this lab, you have successfully learned the fundamental workflow of using Burp Proxy to intercept and forward HTTP traffic.
You practiced the following key skills:
- Enabling and disabling intercept mode in the Proxy > Intercept tab.
- Capturing a live HTTP request from a browser as it is being made.
- Viewing the raw contents of an intercepted request to understand its structure.
- Forwarding the request to the server to allow the communication to complete.
This basic skill is the foundation for more advanced web security testing techniques, such as modifying requests and responses to test for vulnerabilities.
