Burpsuite is a java based Web Penetration Testing Framework. It will help you to identify vulnerabilities and verify attacks vectors that are affecting web applications. Burpsuite can be configured with Desktop as well as Android mobiles. Through Burpsuite, QA can penetrate web applications on android devices.
To test a web application using the Android device need to configure Burp Proxy Listener to accept the connection on all network interfaces, and then connect both your mobile devices and your computer to the same Wireless network.
Burpsuite Proxy Listener Configuration
In the Burpsuite, Click on the “Proxy” tab and then click on the “Option” tab. Under the Proxy Listeners, click on the “Add” button.
Under the “Binding” tab, in the “Bind to port” text field enter a port number that is not currently in use. Then select the “All interfaces” radio button and click on the “OK” button.
Configure Android Device
In the device, go to “Settings” menu
Go to WiFi section and Enable the WiFi
In the “Wi-Fi networks” table, find your network and tap it to bring up the connection menu.
Tap “Connect”, Enter the password and continue.
Once you are connected hold down on the network button to bring up the context menu. Tap “Manage Network Setting”.
Select the “Show Advanced Options” which will show the IP settings. After that go to the Proxy and select “Manual” option.
Then enter the IP of the computer running Burp into the “Proxy host name”. Enter the port number configured in the “Bind to Port” earlier under the Proxy Listener in burp, For example, “8082”.
Check The Configuration
In the Burpsuite, go to Proxy Tab and switch ON the “Intercept button” if the intercept is in Off state.
Open the Browser in your application and enter HTTP web page URL and then check the request in the burp suite.
Note: For HTTPS web page, need to install burp’s CA certificate in your device
The request has been intercepted in the burpsuite tool.
Burp Suite Installation for Mozilla Firefox: https://webkul.com/blog/burp-suite-installation-process-for-mozilla-firefox/