Introduction

The proxy tab is going to allow us to interact with requests and responses in real time and investigate the proxy history. This is the tab i will use most as it contains all of my latests requests and can also handle websockets in the pro version of burp.

Intercept

This is the basic landing tab of the proxy page. In here we have several options

• Put intercept on/off, if we enable intercept it will stop any request (even the ones not in scope) and allow you to edit, forward or drop requests
• Action, which allows us to perform a selection of actions on the current request that is being held by the interceptor
• Open browser, which allows us to open a builtin chromium browser that will automatically have the proxy set propperly. One thing i don't like about this browser is that it won't remember any plugins you install or any passwords you save.

HTTP history

Filter

If we click the filter bar at the top of the screen, we can some very useful filters.

1. Clicking the filter bar will open it for us
2. Showing only the paramterised requests will show us all the requests that allow us some kind of interaction with the server. These are the requests that i care about mosts as they talk to the API.
3. Filtering by mime type allows us to include or exclude certain types of files such as scripts or CSS files by checking or unchecking the checkbox respectively.
4. If we want to show or hide certain status codes, that's also possible like the 4xx status codes which are disabled by default