The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

How to test web applications that block interception proxies?

Sacho | Last updated: Nov 04, 2022 09:06PM UTC

Hi, I've been lucky enough to be given a chance to attach a commercial device that runs a web application, somewhere on the server it has some kind of WAF that blocks any interception proxy such as burp suite. How does the WAF do this? Like it literally drops all the requests coming from Burp suite or from the browser via Burp suite. Any way to bypass this?

Ben, PortSwigger Agent | Last updated: Nov 07, 2022 02:12PM UTC