Burp's Platform Authentication settings let you configure Burp to automatically carry out platform authentication to destination web servers. Different authentication types and credentials can be configured for individual hosts.
Windows Challenge/Response (NTLM) is the authentication protocol used on networks that include systems running the Windows operating system and on stand-alone systems. In this article we'll demonstrate how to configure Burp Suite with an application using NTLM authentication.
![Using_Burp_NTLM_1](/support/images/using_burp_ntlm_1.png)
NTLM credentials are based on data obtained during the interactive logon process and consist of a domain name, a user name, and a one-way hash of the user's password.
When an application is using NTLM authentication, you will need to configure Burp Suite to automatically carry out the authentication process.
![Using_Burp_NTLM_2](/support/images/using_burp_ntlm_2.png)
You can configure these settings at User Options > Connections > Platform Authentication.
Use the Add function to configure new credentials.
![Using_Burp_NTLM_3](/support/images/using_burp_ntlm_3.png)
Select the correct authentication type and add the appropriate credentials.
![Using_Burp_NTLM_4](/support/images/using_burp_ntlm_4.png)
With the credentials configured correctly, Burp automatically carries out the NTLM authentication, allowing access to the destination application web server.