As we discussed in the previous article, Burp Suite offers a complete arsenal of tools for security testing and ethical hacking.
In this article, we’re going to show how are we going to configure Burp Suite to use SSL as well as demonstrating some real-life examples of using Burp Suite.
Configuring Burp Suite to intercept SSL requests
As we mentioned before, Burp Suite has a self-signed Root CA (Certificate Authority). This CA is able to automatically generate and sign a certificate for every website you visit, but if you don’t whitelist this Root CA in your browser, Burp Suite won’t be able to intercept SSL requests properly.
Let’s configure the browser to trust Burp Suite’s Root CA.