- This event has passed.
Campfire Talk: Burp, Not Just For Browsers – Samantha Peters
October 20, 2023 @ 10:30 am – 10:45 am MDT
My presentation would show how to proxy traffic through Burp Suite from an iPhone using a Mac OS, from Python, and from Postman. Capturing this traffic can allow for quick analysis that otherwise wouldn’t be possible, and enable the use of repeater and intruder for potential exploitation. I proxy traffic from the iPhone by using the MacBook as a wifi hotspot for the iPhone and then sending that traffic through Burp Suite. This allows it to catch all traffic, even app traffic once the CA cert is set correctly on the iPhone. Postman is more straight forward and easily supported. With just a few settings you can see results from all of your API calls in Burp Suite. Python is the most troublesome as it can be a challenge to get it to use the CA cert.
This will not be a live demonstration as everything will be pre recorded / screenshot and put into a powerpoint presentation and then simply spoken to during the presentation.
I’m currently working as a Penetration Tester at Charter Communications, and am an Army Veteran. I have a M.S. in Cybersecurity and a B.S in International relations. I grew up fascinated by the antics of submitters to 2600 and somehow I turned that curiosity into a career.