To view and manipulate network traffic to and from websites we often use a tool called Burp Suite.
Viewing traffic with the Proxy
To view traffic to and from websites Brup makes acts a so-called "proxy", acting as a middleman between the browser and webserver. The easiest way to connect through this proxy is by using Burp's built-in browser. To open this browser head to the
Proxy tab, the
Intercept tab and click on
By heading to the
HTTP history tab one can view the HTTP requests being made.
Sending a modified request
If we want to modify a request we can do so by sending it to the
You can do so by right clicking on a request and selecting
Send to Repeater.
Now you can go to the
Repeater tab to modify and repeat the request.
In the image we successfully authenticate by performing an SQL injection.