On Kali Linux host:
VirtualBox:
$ sudo apt-get install virtualbox
$ wget https://sourceforge.net/projects/owaspbwa/files/1.2/*.ova
# set up virtualbox
File > Host Network Manager
Create
vboxnet0:
Adapter: Manual
Ipv4 Address: 192.168.56.1
Ipv4 Network Mask: 255.255.255.0
DHCP Server:
[x] enable server
Server address: 192.168.56.100
Server Mask: 255.255.255.0
Lower Address Bound: 192.168.56.101
Upper Address Bound: 192.168.56.254
# open *.ova in virtualbox by double clicking the ova file
owasp vm - Settings
Network > Adapter
[x] enable
Attached to: host-only adapter
name: vboxnet0
# start owasp vm
browser:
# navigate to 192.168.56.101
# you should see a bunch of owasp applications
Preferences > Network Proxy > Manual
HTTP Proxy: 127.0.0.1 Port: 8080
[x] use this proxy server for all protocols
No proxy for:
localhost, 127.0.0.1
burpsuite:
# pre-installed on kali linux
Proxy > Options:
enable the following:
Interface: 127.0.0.1:8080 (Per-host)
Intercept:
disable intercept (set to off)
Target:
site map:
# you should see a bunch of stuff under "http://192.168.56.101"
Forward/Drop Intercepts:
enable intercept
refresh browser
# request to http://192.168.56.101:80
# browser will say waiting for ...
forward
# output is now empty but the page will be done waiting/loading