General Writeups & Problem Solving/

Hands-On Configuring BurpSuite in Kali Linux.

AUTHORCyberAlp0
PUBLISHEDJuly 4, 2026
READ TIME05 MIN
Hands-On Configuring BurpSuite in Kali Linux.

Hey Folks, This is cyberalp0. Back again with a new walkthrough, in which we will be explaining in detail the ultimate way to configure burpsuite in Kali Linux. Before starting with the configuration steps, I will give you a short Intro about burpsuite. Burpsuite is a proxy used to intercept web traffic. Proxy servers allow you to capture and analyze network packets transmitted between two parties (The client side and the server side).

There are a lot of web traffic intercepting tools. Burpsuite is considered the lord of these tools. Burp is like a traffic cop who stands in the middle of the road intersection and begins controlling, monitoring, and even modifying the course path of the traffic.

A diagram that describes the role of the web proxy “Burpsuite”
A diagram that describes the role of the web proxy “Burpsuite”

Now that you have a pretty good idea of how burpsuite works, let’s understand how it works.

Simple Guide for Configuring burpsuite in Kali Linux to be able to intercept web traffic.

Step 1: Install the “FoxyProxy” plugin in your Firefox browser

Kali Linux comes, by default, with Firefox Browser. Installing the FoxyProxy Plugin is essential for the burpsuite to work properly. It allows you to route the web traffic through the burpsuite proxy. FoxyProxy allows you to create a switch between multiple proxy profiles, which is useful when working with burpsuite. You can have one profile for routing traffic through Burp, and another profile for direct access to the internet

You might ask why Kali Linux comes with Firefox, not Chrome. The reason simply is browsers like Chrome have a built-in security feature that can restrict the use of proxies, making it difficult to use burpsuite effectively.

To install the FoxyProxy, go to this website, download the plugin, and add it to your browser

Adding the FoxyProxy plugin to the Firefox browser.
Adding the FoxyProxy plugin to the Firefox browser.

Step 2: Integrating Burpsuite with FoxyProxy.

After adding the FoxyProxy extension to Firefox, you will be redirected to the changelog page

ChanChangelog page of the FoxyProxy.gelog page of the FoxyProxy.
ChanChangelog page of the FoxyProxy.gelog page of the FoxyProxy.

Go to the proxies page, then click on “add” to configure a new proxy

Adding a new proxy to the foxy proxy.
Adding a new proxy to the foxy proxy.

On this page, we will fill in the blanks to successfully integrate the Burp with the Foxy Proxy.

Identifying the burp in FoxyProxy.
Identifying the burp in FoxyProxy.

Fill in the following blanks to match the proxy settings in the burpsuite.

To see the default configuration of the proxy in the burp suite. Go to the search bar in Kali and type “burp”. Double-click on the tool to initiate it. Several windows shall be prompted for your action if this is your first time. Click on “ I Accept”, then “Next”, and finally “Start Burp”.
Go to the Proxy tab, and then navigate to the options tab. It shall appear like shown in the following screenshot
The default configuration of the burp proxy.
The default configuration of the burp proxy.

Title: Burp (Or name it as you wish)

Hostname: 127.0.0.1 (Loopback Address)

Port: 8080

Filling in the blanks in FoxyProxy.
Filling in the blanks in FoxyProxy.

You will find the burp proxy now configured and added to the Foxy Proxy

After adding the burp to the Foxy Proxy.
After adding the burp to the Foxy Proxy.

Now, we have finished 50% of the work. Let’s start configuring the other 50% in the burpsuite. Open the burp and follow the following steps.

Step 3: Configuring the burpsuite certificate to the browser (CA Certificate)

If you navigate through any website while starting the Burp Proxy, it will tell you that the connection is not secure as there is a proxy running.To avoid this, we will configure the CA Certificate in the browser, so it remains trusted. Visit the following URL

http://127.0.0.1:8080
Burp is configured in the LoopBack Address (127.0.0.1) for many reasons. most important is the isolation and security. the loopback refers to the local machine itself, rather than a remote network. This will make Burp operate in an isolated environment separated from the rest of the network. This helps in containing any potential risks or vulnerabilities during the testing process. Also, this reduces the attack surface, as the traffic is limited in the local network.
Configuring the burp on the loopback makes the setup process more straightforward. The loopback is a local IP, thus, there is no need to worry about any firewall rules, network configuration, or potential conflicts.
Also, the loopback offers a much easier testing environment. when testing web applications, the loopback allows the burp to modify, intercept, and modify the traffic between the client and the web server.

The following web page will appear. You might find the CA Certificate tab on the upper right corner of the window.

Downloading the CA Certificate to be configured in the browser.
Downloading the CA Certificate to be configured in the browser.

Click on the CA Certificate, the download shall start. Click on the downloaded file to add the certificate to the browser

Importing the CA Certificate to the browser
Importing the CA Certificate to the browser

To add the CA Certificate to the browser, go to the settings, Privacy & Security, head down to the security section, and then press on “View Certificates”.

Scroll down to the security section, or press CTRL + F and search for the “View Certificates” option

Viewing the certificates installed in the browser.
Viewing the certificates installed in the browser.

Click on “View Certificate”, and the following screenshot shall appear. Click on “Import” to import the CA certificate you just downloaded. Select the certificate and press OK.

Configuring the certificate to the browser.
Configuring the certificate to the browser.

A new window will appear asking whether to trust the CA Certificate or not

Trust the CA certificate to identify the websites
Trust the CA certificate to identify the websites

Click on ok after checking the first checkbox. Everything is now set regarding configuring the Burp Suite proxy. You will be able to intercept the web traffic between the end user and the server side.

Step 4: Make sure all is set

Start the proxy interceptor, then visit any website on the browser. You shall notice that Burp has managed to intercept the request sent from your side to the server side.

As shown in the screenshot, Burp has managed to intercept the web traffic request to visit Google.

The request will not go to the server unless you forward the request to the backend. As illustrated above, the burp works as a proxy “Police Cop” who manages to intercept, manage, and modify the web traffic that goes between the end user and the server.
That’s why the browser didn't load the google page unless you see the request in case you wanted to modify anything, then forward the request to be sent to the google servers and get back to you with its main page.
How does Burp Suite intercept the traffic between the end user and the server?
How does Burp Suite intercept the traffic between the end user and the server?

Hope You enjoyed my blog in which we have demonstrated how Burp manages to intercept the web traffic between the end user and the server.

See you in another write-up!

[ #Kali Linux ][ #burpsuite ][ #OSCP Preperations ][ #cyberskii ][ #cyberalp0 ][ #hackthebox ][ #kalilinux ][ #foxyproxy ][ #Web Application Penetration Testing ]