Intercepting Requests and Responses
The Intercept tab is used to display and modify HTTP requests and responses
that are passing between your browser and web servers. The ability to monitor,
intercept and modify all HTTP messages is a core part of Burp's user-driven
workflow. In Burp Proxy's options, you can configure interception rules to
determine exactly which requests and responses are stalled for interception
(for example, in-scope items, items with specific file extensions, requests
with parameters, etc.).
Controls
When an intercepted HTTP message is being displayed, the details of the
destination server (protocol, hostname, port and IP address) are shown at the
top of the panel. The panel also contains the following controls:
- Forward - When you have reviewed and (if required)
edited the message, click "Forward" to send the message on to the server
or browser.
- Drop - Use this to abandon the message so that it
is not forwarded.
- Interception is on/off - This button is used to
toggle all interception on and off. If the button is showing "Intercept
is on", then requests and responses will be intercepted or automatically
forwarded according to the interception rules
configured in the Proxy options. If the button is
showing "Intercept is off" then all messages will be automatically
forwarded.
- Action - This shows a menu of available actions
that can be performed on the currently displayed message. These are the
same options that appear on the context menu of the intercepted
message display.
- Comment field - This lets you add a comment to
interesting requests or responses, to easily identify them later.
Comments added in the intercept panel will appear in the relevant item
in the Proxy history.
Further, if you add a comment to a request, the comment will appear
again if the corresponding response is also intercepted.
- Highlight - This lets you apply a colored
highlight to interesting requests or responses. As with comments,
highlights will appear in the Proxy history and on intercepted
responses.
Note: You can also use hotkeys to forward or drop
intercepted messages. By default, Ctrl+F is used to forward the current
message. You can modify the default hotkeys in the
suite options.
Message Display
The main panel of the Intercept tab contains an
HTTP message editor that shows
the currently intercepted message, allowing you to analyze the message and
perform numerous actions on it.
The editor context menu contains numerous useful items. In addition to
the standard functions
provided by the editor itself, the following actions are available:
- Don't intercept requests/responses - These commands
allow you to quickly add an
interception rule to prevent future interception
of messages that share a specific feature with the currently displayed message (based
on the host, file extension, HTTP status code, etc.). If you are being bugged by
uninteresting requests or responses of a particular type, you can use this
option to automatically forward all such messages.
- Do intercept - Available for requests only, this allows you to
require that the response to the currently displayed request should be
intercepted.
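The interplay of the on/off button, the interception rules, "Don't intercept" and "Do intercept" can be summarized as a small decision model. This is an added example, not Burp's code or API: all class, field and method names are hypothetical, and it assumes that responses are forwarded unless explicitly requested and that a "Do intercept" mark takes precedence over "Don't intercept" rules.

```python
# Simplified model of the decisions described above. Every name here is
# hypothetical; this is not Burp's rule engine or its API.
import posixpath
from dataclasses import dataclass, field
from urllib.parse import urlsplit

@dataclass
class Message:
    url: str
    is_request: bool = True
    status: int = 0  # HTTP status code; 0 for requests

@dataclass
class InterceptModel:
    intercept_on: bool = True            # the "Intercept is on/off" button
    stall_responses: bool = False        # assumption: responses pass unless asked for
    in_scope_hosts: set = field(default_factory=set)
    skip_hosts: set = field(default_factory=set)        # "Don't intercept" rules
    skip_extensions: set = field(default_factory=set)
    skip_statuses: set = field(default_factory=set)
    forced_responses: set = field(default_factory=set)  # "Do intercept" marks

    def dont_intercept(self, feature, value):
        """feature is 'hosts', 'extensions' or 'statuses'."""
        getattr(self, "skip_" + feature).add(value)

    def do_intercept_response(self, request):
        self.forced_responses.add(request.url)

    def decide(self, msg):
        """Return 'stall' (shown in the Intercept tab) or 'forward'."""
        if not self.intercept_on:
            return "forward"             # off: everything is forwarded
        if not msg.is_request:
            if msg.url in self.forced_responses:
                return "stall"           # assumption: beats the skip rules
            if not self.stall_responses:
                return "forward"
        parts = urlsplit(msg.url)
        ext = posixpath.splitext(parts.path)[1].lstrip(".").lower()
        if parts.hostname in self.skip_hosts or ext in self.skip_extensions:
            return "forward"
        if msg.status in self.skip_statuses:
            return "forward"
        if self.in_scope_hosts and parts.hostname not in self.in_scope_hosts:
            return "forward"             # only in-scope items are stalled
        return "stall"
```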