Below are some examples of configuring and using Burp Suite. For more details, see the Burp Suite help page.

To start using Burp Suite, simply configure your browser to use localhost:8080 as its proxy, and begin browsing as normal. Requests (and optionally, responses) are intercepted by Burp Proxy, enabling you to view and modify them.

The Proxy maintains a full history of all requests and responses.

Anywhere you see an interesting HTTP message, you can send it to other Burp tools.

As you browse the application, Burp automatically builds up a detailed map of the application's content and functionality, by passively monitoring all requests and responses passing through the Proxy, and from any active spidering which you have performed.

You can use Burp Repeater to manually modify and reissue a request, and analyse the results.

In Burp Suite Professional, you can use Burp Scanner to check for common vulnerabilities.

You can send any request to Burp Intruder to perform an automated custom attack.

You can send interesting items to Burp Comparer to identify any interesting differences between them.

You can send any issued session tokens to Burp Sequencer to analyse the quality of their randomness.

If you identify any opaque data being transmitted between the browser and server, you can send it to Burp Decoder to perform an intelligent decode of the data to reveal any interesting hidden information.

You can perform a Suite-wide search for interesting data.

In Burp Suite Professional, you can save and restore the entire Suite state and configuration, to resume working later.

For detailed information about the configuration and use of Burp Suite, see the help page.
Copyright (c) 2010 PortSwigger Ltd. All rights reserved.