One of the best ways to search a Web site and search for vulnerabilities is to use a proxy. By routing traffic through a proxy like Burp Suite, you can quickly detect hidden bugs, but sometimes it's difficult to turn it on and off manually. Fortunately, there is a browser add-on called FoxyProxy that automates this process with a single click of a button.
Why use a proxy switcher?
A proxy switcher is a tool, usually in the form of a browser add -on: Allows you to turn a proxy on or off or switch between multiple proxies with one click. This saves a lot of time, as it usually requires many clicks to activate or deactivate a proxy.
This is beneficial for security researchers and penetration testers, as the time savings of messing around with settings can be better utilized, especially when exploring a website for testing. It can be annoying to constantly turn the proxy on and off, but using a proxy switch makes the process trivial.
FoxyProxy is a popular proxy switch that is available for both Firefox and Google Chrome. Here we will install and configure FoxyProxy in Firefox for use with Burp Suite.
Step 1: Add FoxyProxy to Firefox
First, we need to start Firefox and navigate to the add-on manager. You can do this by using the ctrl-shift p link, clicking the "Open Menu" button in the toolbar and then clicking "Add-ons" or "Tools" in the menu bar, and then click on "Add-ons". "
Click" Find More Add-ons "on the page Personalize your Firefox for" Get Add-ons "and search for FoxyProxy.
We will use FoxyProxy Basic because it provides enough functionality for what we need, rather than performing all of the above steps also go directly to the extension page of FoxyProxy Basic .
You can then click on "Add to Firefox" to add the extension.
At the command prompt, click Add to allow access to the information you need.
We will then go to FoxyProxy's page, which contains a change log and a few more information.
Step 2: Add a custom proxy
There should now be a little icon in the top right of the browser, next to bookmarks or whatever in the toolbar is. Click on the symbol and select "Options" to go to the settings page.
Then click Add to add a custom proxy.
While the Burp Suite is running, go to the Options tab under Proxy. We just want to confirm the default IP address and port as they must match in FoxyProxy.
Now we can enter the information and specify a title to ensure the organization.
Click "Save" and our proxy should now appear on the main settings page.
Now all we have to do is enable it while Burp is running. So we can effortlessly switch the proxy on and off or even switch between different proxies. Click the icon and select "Use proxy burp for all URLs (ignore pattern)" to enable it.
Step 3: Add the Burp CA (if not already done)
Now when we navigate to a Web site, we will get a warning about an insecure connection.
You may experience exceptions each time you load a new page, but they quickly become annoying. Instead, we can add the burp certificate to our browser so that it remains a trustworthy instance. To do this, navigate to the interface where Burp is running in the browser.
Click "CA Certificate" and save the file.
Next, go to Settings and scroll down the Privacy & Security page.
Click "View Certificates" and click the "Import" button.
Now you can select the certificate file just downloaded.
A prompt appears asking if you want to trust a new certification authority. Select "Trust this CA to identify sites" and click "OK" to save.
When we now see our certificates, we find the PortSwigger (the company) The Burp Suite certificate is installed.
Step 4: Testing the Custom Proxy
If we send a request via burp now, it should be successful.