1
00:00:01,050 --> 00:00:07,290
So as you must know by now, because I've repeated a few times, Berp works as a man in the middle proxy.

2
00:00:08,940 --> 00:00:13,470
So that means that it does not affect the interception of DGP messages.

3
00:00:14,420 --> 00:00:17,750
But it is not the same for EDPS requests.

4
00:00:19,110 --> 00:00:22,770
So open up your browser and enable the proxy to work with burb.

5
00:00:24,570 --> 00:00:27,540
I will go to the B Web login page.

6
00:00:28,580 --> 00:00:32,090
And then berp will immediately get the TDP request.

7
00:00:33,280 --> 00:00:36,580
So there's no problem with capturing an HDP request, right?

8
00:00:38,040 --> 00:00:46,730
So now I'll try to go to an HTTPS Web application and I'll try https colon slash slash WWE dot, NBA

9
00:00:46,730 --> 00:00:47,400
dot com.

10
00:00:48,560 --> 00:00:50,420
And this message will come up.

11
00:00:51,740 --> 00:00:55,460
So I need to add a security exception.

12
00:00:56,870 --> 00:01:02,510
Each time when I request this application, I'm going to face this message if I don't accept the exception

13
00:01:02,510 --> 00:01:03,320
permanently.

14
00:01:04,290 --> 00:01:13,740
So to use berp proxy most effectively with HTTPS websites, you will need to install burps, see a certificate

15
00:01:13,980 --> 00:01:16,170
as a trusted route in your browser.

16
00:01:17,010 --> 00:01:20,820
So let's just have a look at how to install it in Callies Firefox browser.

17
00:01:22,030 --> 00:01:25,180
Rouse, HTP, Collins, berp.

18
00:01:27,000 --> 00:01:29,970
And click on the certificate button to downloaded.

19
00:01:31,040 --> 00:01:32,300
And save the file.

20
00:01:33,920 --> 00:01:35,570
And after you say the certificate.

21
00:01:36,590 --> 00:01:38,840
Open the Firefox preferences from the menu.

22
00:01:39,960 --> 00:01:43,560
Go to the privacy and security tab and left to the menu.

23
00:01:45,240 --> 00:01:52,920
And then when you scroll down to the certificate's section, click on View Certificate's button.

24
00:01:54,300 --> 00:01:58,140
Now, from the opening pop up, go to the authorities tab.

25
00:01:59,490 --> 00:02:03,780
Then quick on the import button to install the certificate that you just downloaded.

26
00:02:06,970 --> 00:02:09,820
And just check the first option, that's enough.

27
00:02:11,620 --> 00:02:14,320
You can also view the certificate properties of you on.

28
00:02:17,980 --> 00:02:19,630
Then click, OK?

29
00:02:21,420 --> 00:02:26,910
And we import the birth certificate into our browsers trusted root certificate authorities.

30
00:02:28,890 --> 00:02:31,830
All right, so now I'm going to go back to the same Web application.

31
00:02:35,480 --> 00:02:38,750
And this time, there is no security exception message.

32
00:02:39,810 --> 00:02:42,750
And burb immediately intercepts the request.

33
00:02:43,910 --> 00:02:47,870
Now, look at this, here it is, and HDP request.

34
00:02:49,030 --> 00:02:50,710
OK, so I believe the request.

35
00:02:53,050 --> 00:02:56,380
And NBA dotcom is displayed in my browser.

36
00:02:58,140 --> 00:03:01,920
So by default burps CIA certificate is installed in Carly.

37
00:03:03,100 --> 00:03:09,370
So you probably don't get the exception message for some reason, you may need to import their certificate,

38
00:03:09,370 --> 00:03:10,870
so now you know how.