Configuring your external browser to work with Burp
Note: These steps are only necessary if you want to use an external browser for manual testing with Burp. If you prefer, you can just use Burp's embedded browser, which is preconfigured to work with Burp Proxy already. To access the embedded browser, go to the "Proxy" > "Intercept" tab, and click "Open Browser".
Once you have confirmed that the proxy listener is up and running, you need to configure your browser to use it as its HTTP proxy server. To do this, you change your browser's proxy settings to use the proxy host address (by default,
127.0.0.1) and port (by default,
8080) for both HTTP and HTTPS protocols, with no exceptions. This ensures that all HTTP and HTTPS traffic will pass through Burp. The details of how to do this vary by browser and version. Please refer to the relevant section below based on which browser you intend to use with Burp.
Check your browser proxy configuration
When you've configured your browser, you need to test that it is working properly by performing the following steps. If anything does not happen in the way described below, there is a problem with your browser configuration. In this case, please refer to the troubleshooting page.
- Make sure you have checked that the proxy listener is active and have configured your chosen browser.
- With Burp running, open the browser that you configured and go to any HTTP URL (don't use HTTPS for the moment). Your browser should sit waiting for the request to complete, that is, it should look like it is stuck trying to load a page. This is because Burp has intercepted the HTTP request that your browser is trying to send.
- In Burp, go to the "Proxy" tab and open the "Intercept" sub-tab. Both of these tabs should be highlighted. On the "Intercept" tab, you should see the intercepted HTTP request in the main panel.
- Notice the button that says "Intercept is on". If you click it, it will change to "Intercept is off" and the request will be released from Burp.
- Go back to your browser. You should now see the requested page loading as it would during normal browsing.
If everything went as described above, you have finished the mandatory configuration steps for using an external browser with Burp Suite. However, at the moment you will only be able to test web applications that exclusively use HTTP. If you try and access an HTTPS URL using your external browser, you will notice that the connection is blocked. Therefore, we strongly recommend that you perform the final additional step to install Burp's CA certificate so that you can also test applications using HTTPS.