Let's perform the following steps:
- Kali already ships with the free version of Burp, but we need the full version to use all of its features. Open up Burp and click on Start Burp; Burp will load up.
- Before we start hunting for bugs, let's install some extensions that may come in handy. Select BApp Store from the Extender menu.
- We will see a list of extensions. These are the extensions we will install:
    - J2EEScan
    - Wsdler
    - Java Deserialization Scanner (DS)
    - Heartbleed
- Click Install after selecting each of these extensions.
- Let's prepare ourselves for scanning. Fire up a browser and go to its preferences.
- Go to the Network settings.
- Add the proxy IP and port.
- Verify that the IP and port match Burp's proxy listener under the Proxy Options tab.
- Click Intercept is on to start intercepting the requests.
- Browse the website we need to scan.
- Once all requests are captured, go to Target and select the domain.
- To perform a scan, select individual requests and send them for an active scan.
- Alternatively, we can select the whole domain and send it for an active scan.
- Go to the Scanner tab and choose Options. Here, we can tell the scanner exactly what we want it to look for in our application.
- We can see the results of our scan in the Scan queue tab.
- Clicking on any of the requests will show us details about the vulnerabilities that were found on that URL.
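The browser-side part of this procedure (pointing the browser at Burp's proxy and verifying the IP and port) can be scripted and checked rather than clicked through. The following is an added example, not code from the original text or from Burp; it assumes Firefox, whose proxy settings are ordinary `user_pref` entries in the profile's `user.js`, and it assumes Burp's common listener address of 127.0.0.1:8080. The stub listener exists only so the reachability check can be exercised without Burp running.

```python
import socket

# Assumed Burp listener address; adjust to match Proxy > Options in Burp.
BURP_HOST = "127.0.0.1"
BURP_PORT = 8080


def firefox_proxy_prefs(host: str, port: int) -> str:
    """Render user.js lines that route HTTP and HTTPS through host:port."""
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    return "\n".join([
        'user_pref("network.proxy.type", 1);',  # 1 = manual proxy configuration
        f'user_pref("network.proxy.http", "{host}");',
        f'user_pref("network.proxy.http_port", {port});',
        f'user_pref("network.proxy.ssl", "{host}");',
        f'user_pref("network.proxy.ssl_port", {port});',
        # Newer Firefox bypasses the proxy for localhost unless this is set,
        # which silently hides traffic to a target running on your own machine.
        'user_pref("network.proxy.allow_hijacking_localhost", true);',
    ]) + "\n"


def proxy_listener_reachable(host: str, port: int, timeout: float = 1.0) -> bool:
    """Return True if something accepts TCP connections on host:port.

    This is the scripted form of 'verify the IP and port with Burp's proxy
    options': if it returns False, the browser will fail to load pages and
    Burp will see nothing.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def start_stub_listener(host: str = "127.0.0.1"):
    """Bind a throwaway listener on an ephemeral port as a stand-in for Burp.

    Returns (port, close); call close() to release the socket.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(1)
    return srv.getsockname()[1], srv.close


if __name__ == "__main__":
    print(firefox_proxy_prefs(BURP_HOST, BURP_PORT), end="")
    print("Burp listener reachable:", proxy_listener_reachable(BURP_HOST, BURP_PORT))
```

Append the printed lines to the profile's `user.js` (with Firefox closed) instead of editing Network settings by hand; the reachability check is worth running before browsing so a wrong port is caught immediately.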
While we use only a few extensions here, you can browse the whole list and choose your own; extensions are easy to set up.