Add the Burp Suite certificate as a trusted root CA for your browser/OS. This would expose you to man-in-the-middle attacks from anyone possessing the same certificate.

Force your browser to connect over port 80. Data would be transmitted in cleartext, removing the need for certificates.

Configure your browser to ignore all SSL/TLS certificate warnings. This would make your HTTPS sessions vulnerable to ARP spoofing on the local LAN.

Start sslstrip and redirect port 443 to its listening port. This ensures that plaintext sessions are not upgraded to SSL/TLS.

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *