Below are some examples of configuring and using Burp Proxy.
For more details, see the Burp Proxy help
page.
Intercepting HTTP/S traffic - Burp Proxy operates as a
man-in-the-middle between the end browser and the target web
server, and allows you to intercept, inspect and modify
the raw traffic passing in both directions. The regex-based
search and highlight function can be used to quickly locate
interesting strings such as form fields or error messages.
Easy editing of request parameters - Burp Proxy provides
a tabular view of all URL, cookie and body parameters, allowing
parameters to be easily edited or changed to different types.
Hex-editing of intercepted traffic - Burp Proxy allows
you to modify intercepted traffic in
hexadecimal form, so even transfers of binary data can be
manipulated.
Deserialisation and rendering of the ASP.NET ViewState -
In ASP.NET applications that make use of the ViewState, Burp
Proxy will deserialise the ViewState request parameter, enabling
you to quickly identify the information it contains, and confirm
whether it is properly MAC-protected.
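The MAC check described above can also be reproduced outside Burp. The following is an added example, not part of the original page or of PortSwigger's code: it assumes an unencrypted ViewState in the ObjectStateFormatter encoding (ASP.NET 2.0 and later), handles only a few token types, and reports how many bytes follow the serialized data, which is where the MAC is appended. The sample values are constructed.

```python
import base64

# Subset of ObjectStateFormatter tokens; other types are rejected below.
PAIR, TRIPLET, STRING, INT32 = 0x0F, 0x10, 0x05, 0x02
SINGLETONS = {0x64, 0x65, 0x66, 0x67, 0x68}  # null, "", 0, true, false

# Constructed sample: Pair(String("demo"), Null), without and with a
# 20-byte trailer standing in for a SHA1-sized MAC (not a real hash).
SAMPLE = b"\xff\x01\x0f\x05\x04demo\x64"
SAMPLE_B64 = base64.b64encode(SAMPLE).decode()
SAMPLE_MAC_B64 = base64.b64encode(SAMPLE + bytes(20)).decode()


def _varint(buf, pos):
    """Read a 7-bit encoded integer; return (value, next position)."""
    value = shift = 0
    while True:
        byte = buf[pos]
        pos += 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, pos
        shift += 7


def _skip(buf, pos):
    """Skip one serialized value and return the position after it."""
    token = buf[pos]
    pos += 1
    if token in SINGLETONS:
        return pos
    if token == INT32:
        return _varint(buf, pos)[1]
    if token == STRING:
        length, pos = _varint(buf, pos)
        return pos + length
    if token in (PAIR, TRIPLET):
        for _ in range(2 if token == PAIR else 3):
            pos = _skip(buf, pos)
        return pos
    raise ValueError(f"token 0x{token:02x} not handled by this example")


def mac_trailer_len(viewstate_b64):
    """Bytes left after the object graph: 0 means no MAC is appended."""
    raw = base64.b64decode(viewstate_b64)
    if raw[:2] != b"\xff\x01":
        raise ValueError("no FF 01 header: encrypted or a different format")
    end = _skip(raw, 2)
    if end > len(raw):
        raise ValueError("serialized data is truncated")
    return len(raw) - end
```

A result of 0 on a production `__VIEWSTATE` value means the page is being served without MAC validation; a non-zero trailer only shows that a hash is present, not that the server verifies it.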
Full integration with other Burp Suite tools - Requests
can be sent to other tools from both the intercept view and
the history table. This allows specific requests to be used as
the basis for an attack in Burp Intruder or Repeater, or added
to the scope of the current Burp Spider session, or analysed in
Burp Sequencer, Decoder or Comparer.
Full request and response history - Burp Proxy maintains
a complete history of every request sent by the browser, and
details of the server's response.
Request annotation - You can add your own comments and
highlights to items in the history, to flag interesting items.
Display filters - You can set filters to hide items
that you aren't interested in.
Browser access to request history - You can view the
history, and reissue individual requests, from within the end browser by
visiting http://burp
For detailed information about the configuration and use of
Burp Proxy, see
the help page.
Copyright (c) 2010 PortSwigger Ltd. All rights reserved.