# Burp Proxy Introduction

### Introduction into BURP

Burp is a Webapplication Proxy. To practice let's start the [DVWA ](https://cas-cyber.gitbook.io/cas-cybersecurity/docker-basics#dawn-vulnerable-webapp-installation)Docker Container.

> sudo docker start dvwa
>
> docker ps

Our docker container listens on port 80. 

Instead of <http://127.0.0.1:80> use the docker interface [http://172.17.0.1:80.\&#x20](https://cas-cyber.gitbook.io/cas-cybersecurity/web-application-security/http:/172.17.0.1:80.\&#x20);

<div align="left"><img src="https://3977837039-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MfT0VPyK6X13Egd9pzy%2F-MhiT0UzCsnB0He0xtva%2F-MhjPfZ0dzA_akXj5W7W%2Fdvwa01.png?alt=media&#x26;token=059bc4bc-1762-45e4-9064-ee5d0d04e646" alt=""></div>

The reason for that is that we would not see any traffic in burp otherwise.&#x20;

Let's start burp and use burp defaults.

![](https://3977837039-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MfT0VPyK6X13Egd9pzy%2F-MhiT0UzCsnB0He0xtva%2F-MhjOZl7YvyV8r79sbew%2Fburp01.png?alt=media\&token=d4dfb166-5491-4188-ae65-bfc0c06d997c)

Burp listens on 127.0.0.1:8080. If we want burp to intercept webtraffic we need to configure this address as webproxy in our browser.

![Burp Interface](https://3977837039-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MfT0VPyK6X13Egd9pzy%2F-MhiT0UzCsnB0He0xtva%2F-MhjSFiMaY7z1fBvJSgV%2Fburp03.png?alt=media\&token=9ac55097-75a8-4469-893d-8a0aba52a109)

We have different Modules here (Proxy, Intruder, Repeater,Sequenzer,Decoder,Comparer...)

Let's go hands on and practice :)