Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

iOS mobile application test

Sharvil | Last updated: Oct 26, 2021 10:27AM UTC

Hello Team, I am trying to test an iOS mobile application using burp suite pro. Requesting your help to understand, how do i configure it so as to test the application over simulator. I am using xCODE default simulator here. Also Please advice how do I scan the application ipa with burpsuite. Best regards, Sharvil

Ben, PortSwigger Agent | Last updated: Oct 27, 2021 07:54AM UTC

Hi Sharvil, You should be able to use Burp to manually test mobile apps by proxying the traffic from your device through Burp. You would simply need to setup a proxy so that the traffic from the device is sent to the Burp Proxy Listener as highlighted below: https://portswigger.net/support/configuring-an-ios-device-to-work-with-burp It is likely that you will also need to install the Burp CA Certificate on the device in order to handle HTTPS traffic, as detailed below: https://portswigger.net/support/installing-burp-suites-ca-certificate-in-an-ios-device Unfortunately, I do not currently have a version of Xcode available to check so I am unsure whether you can set up this proxy within the setting of Xcode itself, whether you would need to set this up via the network settings of the simulated device (as you would with a physical iOS device) or whether you would actually need to configure this proxy system wide on your Mac. Burp does not have the functionality to scan binary files.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.