Burp Suite lets you see and change the web requests and responses that go between your browser and the web server. It also keeps a record of all the web traffic in the HTTP history tab under the Proxy tab. This can help you understand and test web applications, but sometimes it can be too much information to handle. For a beginner, it can also become overwhelming.
Don’t worry, Burp Suite do have solutions for that. Let's take a look at some useful solutions.
Define target Scope
The very first things you should to make your testing more efficient and focused is to define a target scope. The target scope is a set of rules that specify which web applications and resources are relevant for your testing. By defining your target scope, you can tell Burp Suite which items are in-scope, where you want to test and find security bugs, and which ones are out-of-scope.
To define a target scope, go to the Scope Settings sub-tab under Target tab (Left to the Proxy tab).
You can add or remove items from your scope by selecting and clicking Add
or Remove
from scope.
You can also use the Scope control panel at the bottom of the sub-tab to configure more advanced scope rules. For example, you can use wildcards, regular expressions, or IP ranges to define your scope. You can also exclude specific items from your scope using the Exclude from scope option.
You can also use the “Show only in-scope” items filter in the HTTP history to hide all the out-of-scope items and focus on your target. This can help you avoid wasting time and resources on irrelevant or unwanted web traffic.
Filter Bar in HTTP history
You can use the filter bar above the list of interactions to choose what you want to see in the HTTP history. Open the filter settings window by just clicking on filter bar.
In the filter settings window, you can set different criteria to show or hide items based on their features. For example, you can:
Filter by |
Description |
Example |
request type |
Show in-scope, with responses, or with parameters. |
To show only requests with parameters that are in-scope and have responses, click on scope, response, and parameter icons. |
MIME type |
Show or hide different content types. |
To show only HTML and CSS responses and hide images, click on HTML and CSS icons and select “Show”, and click on image icon and select “Hide”. |
Status code |
Show or hide different HTTP codes. |
To show only responses with status code 200 or 500 and hide others, click on status code icon and select “Show 200 ” and “Show 500 ”, and select “Hide others”. |
Search term |
Search for a word or phrase using text or regex. |
To search for “password” or “admin” in the responses using regex, type “/password|admin/ ” in the search box and press enter. To make your search case-sensitive and negative, check the “Case sensitive” and “Negative” boxes. |
File extension |
Show or hide items based on file extension. |
To show only items with .php or .js extension and hide others, click on file extension icon and select “.php ” and “.js ”, and select “Hide others”. |
Annotation |
Add comments or highlights to items. Show only annotated items. |
To add a comment “SQL injection possible” to an item, right-click on it and select “Add comment”. To add a red highlight to an item, right-click on it and select “Highlight item” and choose red. To show only items with comments or highlights, click on annotation icon. |
Listener |
Show items from specific listener port. |
To show only items from listener port 8080, click on listener icon and select “8080 ”. |
Conclusion
Using filters can help you find what you need in your HTTP history and ignore what you don’t. You can also sort and move the HTTP history by clicking on any column header or dragging it to another place. Right-clicking on any item in the HTTP history will give you more options to do things with it, such as sending it to another Burp tool, repeating it with changes, copying it to clipboard, saving it to file, etc.