Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Slow network requests while using Burp / Upstream Proxy in Burp

Julian | Last updated: Apr 06, 2019 09:07AM UTC

TLDR; Website loading time while using burp is doubled, tripled if using Burp + SOCKS5 Hello everyone, I'd like to ask more information about a bug I'm currently encountering while using any version of Burp, perhaps other users can perform tests to confirm if they have the same issue on their end. The problem is as follows: When I'm trying to load a website while using burp on any browser, e.g. https://www.yahoo.com, the loading time is very slow compared to configuring the upstream proxy directly in the browser, for a site like yahoo, it takes around 28 seconds to fully load the main page while using Burp+Proxy, using Burp without a Proxy usually takes ~20 seconds to load, if I configure the proxy directly on the browser, it takes around 9-10 seconds to load, the issue becomes unbearable with sites that are not lightweight, or have a lot of separate js/css/html resources - for reference, the same site takes about 7 seconds to load on an unproxified, direct connection. For my tests, I used the Chrome/Firefox Developer Tools, I basically just press F12 to bring the Developer Tools, go to the Network Tab, and check the "Disable cache" box, from there I just perform the tests with and without burp, using the timeline in DevTools to compare loading times. I've tried all sorts of configurations / environments to eliminate the issue without any success, here is a list of things I've attempted to do: - Setting the default Burp configurations - Trying other websites and measuring their loading times - Switching between different versions of Java - Switching between different versions of Burp - Trying different Browsers (FF, IE, Chrome) - Trying it in Windows 7/10/Linux, in various VM/non-VM configurations - Disabling Master Interception, and most options that replace/intercept traffic in Burp - Enabling/Disabling 'Invisible Proxying' in Burp - Manually setting an Upstream Proxy in the JVM variables, e.g. launching burp with the following command line: -DsocksProxyHost=my.proxyhost.com -DsocksProxyPort=9001 I even attempted to use a similar software (which is also developed in Java), OWASP Zed, and got some interesting results, - If I don't setup an upstream proxy in OWASP Zed, the loading time is ~10 seconds (very close to native, unproxified browsing), for reference, while using burp, the same process takes ~20 seconds without a proxy, ~30 seconds with an upstream proxy - If I setup an upstream proxy in OWASP Zed, the loading time increases to ~25 seconds, which is very similar to the Burp+Proxy scenario It is very weird that OWASP Zed doesn't seem to add a lot of overhead when not using an upstream proxy, I find it very confusing that Burp alone, without an upstream proxy, is doubling the loading time even when I strip away most of the interception options. Can someone confirm if they have the same issue as I do? You can use the DevTools as I mentioned above in order to find this out, it shouldn't take more than 5 minutes to perform a few tests. From my testing, it seems that Burp adds a huge overhead while loading a website regardless if you are using an upstream proxy or not, whereas in OWASP Zed, this issue only happens when you configure an upstream proxy. I understand that using Burp with a browser should add some overhead, but this seems excessive in my opinion, specially after considering that OWASP Zed doesn't suffer the same issue (as long as you don't use an upstream proxy with it) Thank you for your attention, I hope I didn't make a long winded post to explain such a simple matter, but this issue has been bugging me for quite a while now and I didn't want to miss mentioning all of the things I've tried to resolve the issue.

Burp User | Last updated: Apr 06, 2019 09:16AM UTC

I've made an issue in my original post, my autocorrect feature changed "OWASP Zap" to "OWASP Zed" for some reason, in case someone is confused by that.

Burp User | Last updated: Apr 06, 2019 05:37PM UTC

I did some further testing, and found another interesting detail about this issue, if I add the test domain name to the "SSL Pass Through" feature in Burp, the loading times get significantly shorter while using an upstream proxy, almost equal to the use of a native proxy in the browser. I know that doing this kinda defeats the purpose of using Burp for content monitoring/manipulation, but I confirmed that this delay is happening during the inspection of HTTP(S) traffic only.

Liam, PortSwigger Agent | Last updated: Apr 08, 2019 07:35AM UTC

Thanks for this report Julian. We've attempted to reproduce the issue using Firefox 66.0.1 and the latest version of Burp 2.x. without any success. Which browser and Burp versions are you using? What is the purpose of your upstream proxy? Are you working behind a corporate proxy? Is it possible to test this issue on another network?

Claymore | Last updated: Nov 18, 2020 04:05PM UTC

I Too am seeing this issue on both firefox 82.0.3 and chrome 86.0.4240.198. If I am using burp through a socks5 proxy. the sites can take up to 120 seconds to load. but if I have the browser configured to go through the socks5 the site load in the normal times. I have tried this on multiple networks including amazon, digital ocean, and Hack The box. there is an obvious difference between browser -> burp -> socks proxy and browser -> socks proxy. to the point where I can't even use burp for these types of engagements.

Liam, PortSwigger Agent | Last updated: Nov 19, 2020 12:11PM UTC