Configuring an Android device to work with Burp Suite
Last updated: June 18, 2024
You can configure an Android device to proxy HTTP traffic through Burp Suite. This enables you to test Android apps just like ordinary websites.
The process for doing this varies depending on the device or emulator you're using, as well as your Android OS version. We've provided high-level instructions below, but you may need to find external resources for details on how to perform some of the necessary steps in your environment.
Warning
From Android 7 (Nougat) onwards, apps no longer trust user-installed CA certificates by default, so adding Burp's CA to the system trust store (Step 3) requires a rooted device.
Rooting your device fundamentally compromises its security model, which may expose you to malware and other forms of attack. It may also void the manufacturer's warranty. Make sure you fully understand the security implications before performing any part of this process.
Step 1: Configure a dedicated proxy listener in Burp
To enable Burp to intercept the HTTP traffic generated by your Android device, you need to configure a proxy listener and bind it to an open port.
- In Burp, open the Settings dialog.
- Go to Tools > Proxy.
- Under Proxy Listeners, click Add.
- On the Binding tab, set Bind to port to any available port.
- Set Bind to address to All interfaces.
- Click OK and confirm your entries when prompted.
Burp is now ready to receive HTTP traffic on the assigned port and forward it to the target web server.
Step 2: Configure your device to proxy traffic through Burp
Note
If you're using an Android emulator rather than a physical device, you may need to add the proxy details from the emulator settings menu rather than the native network or Wi-Fi settings on the emulated device.
- On your Android device, go to the network and internet settings.
- Open the network details for the Wi-Fi network that you want to use for testing.
- Enter edit mode.
- In the advanced settings, choose the option to configure a proxy manually.
- Set the Proxy hostname to the IP address of the machine you're using to run Burp.
- Set the Proxy port to the port you assigned to the new proxy listener you configured in Burp. For more information, see Configure a dedicated proxy listener in Burp.
- Save your changes and then connect to the Wi-Fi network. Your device's web traffic is now proxied through Burp.
Step 3: Add Burp's CA certificate to your device's trust store
Each installation of Burp has its own built-in certificate authority (CA). To work with any HTTPS traffic in Burp, you need to add the associated CA certificate to your device's trust store. This enables Burp to impersonate the target web server during the TLS handshake. As a result, you can read and modify your HTTPS traffic in Burp just like you would with unencrypted HTTP traffic.
- In Burp, open the Settings dialog.
- Go to Tools > Proxy.
- Under Proxy Listeners, click Import / export CA certificate.
- In CA Certificate dialog, select Export > Certificate in DER format and click Next.
- Enter a filename and location for the certificate. Note that you need to explicitly include the .der file extension.
- Click Next. The dialog indicates that the certificate was successfully exported.
- Add the certificate to your device's trust store. The process for doing this varies depending on the device or emulator you're using, as well as your Android OS version. You can find detailed, third-party instructions on how to do this online.
Warning
We've chosen not to document the process of adding the certificate to your device's trust store ourselves. This is partly due to the amount of variation between environments, but also because this requires you to root your device. Rooting compromises the device's security model and may void the manufacturer's warranty.
If you're following a third-party tutorial, please ensure you fully understand the security implications before performing any part of the process. In particular, do not execute any commands that you don't fully understand.
Step 4: Test the configuration
To make sure that you've completed the configuration successfully and are ready to start testing:
- In Burp, go to the Proxy > Intercept tab.
- Click the Intercept is off button so that it reads Intercept is on.
- On your Android device, open the browser.
- Browse to any site using HTTPS. The request is held on the Intercept tab; forward it. If you've completed the configuration successfully, the page loads without any security warnings and the request and response appear in Burp on the Proxy > HTTP history tab.
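The following script is an added example and is not PortSwigger's code or part of the original page. It runs on the workstation that hosts Burp (it needs adb and openssl on that machine) and scripts Steps 2 to 4 from the command line: it sets the device-wide proxy via Android's global http_proxy setting (an alternative to the Wi-Fi settings UI), converts the DER certificate exported in Step 3 into the PEM file named by its subject hash that the system trust store expects, and checks that the listener is reachable. The Burp host, port, certificate filename and path are assumptions; adjust them for your environment. The ca subcommand is the root-only step the page declines to document: it remounts /system read-write, which is not possible on every Android build, so read it before you run it.

```shell
#!/bin/sh
# Added example, not from the PortSwigger page. Host, port and file names are
# assumptions; override them with environment variables.
set -eu

BURP_HOST="${BURP_HOST:-192.168.1.10}"   # assumed LAN IP of the Burp machine
BURP_PORT="${BURP_PORT:-8082}"           # assumed port of the dedicated listener
BURP_DER="${BURP_DER:-burp-ca.der}"      # file exported from Burp in Step 3
ANDROID_CACERTS=/system/etc/security/cacerts

# A listener port must be a number in 1..65535; reject anything else before
# touching the device.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    if [ "$1" -ge 1 ] && [ "$1" -le 65535 ]; then return 0; fi
    return 1
}

# Value stored in Android's global http_proxy setting ("host:port").
proxy_setting() {
    valid_port "$2" || return 1
    printf '%s:%s\n' "$1" "$2"
}

# The system trust store names each CA file <subject_hash_old>.0.
cert_store_path() {
    printf '%s/%s.0\n' "$ANDROID_CACERTS" "$1"
}

# Step 2 without the Wi-Fi settings UI: device-wide proxy via adb.
set_device_proxy() {
    adb shell settings put global http_proxy "$(proxy_setting "$BURP_HOST" "$BURP_PORT")"
}

# Undo Step 2 when testing is finished (":0" clears the global proxy).
clear_device_proxy() {
    adb shell settings put global http_proxy :0
}

# Step 3: Burp exports DER; the Android store wants PEM.
der_to_pem() {
    openssl x509 -inform DER -in "$1" -out "$2"
}

# Android uses OpenSSL's "old" (MD5-based) subject hash for CA file names.
subject_hash_old() {
    openssl x509 -inform PEM -in "$1" -noout -subject_hash_old
}

# Root-only part of Step 3. Requires a rooted device whose /system partition can
# be remounted read-write; many recent builds do not allow this, and the page
# does not cover alternatives. Review every command before running it.
install_system_ca() {
    pem=burp-ca.pem
    der_to_pem "$BURP_DER" "$pem"
    target="$(cert_store_path "$(subject_hash_old "$pem")")"
    adb root
    adb remount
    adb push "$pem" "$target"
    adb shell chmod 644 "$target"
    echo "installed $target; reboot the device to reload the trust store"
}

# Step 4 precondition: the listener bound to "All interfaces" must be reachable
# on the Wi-Fi network the device uses.
listener_reachable() {
    nc -z -w 3 "$BURP_HOST" "$BURP_PORT"
}

case "${1:-}" in
    proxy)   set_device_proxy ;;
    unproxy) clear_device_proxy ;;
    ca)      install_system_ca ;;
    check)   listener_reachable && echo "Burp listener reachable at $BURP_HOST:$BURP_PORT" ;;
    *)       echo "usage: $0 proxy|unproxy|ca|check" >&2 ;;
esac
```

Typical order is `check` (confirm the listener is reachable from the device's network), `proxy`, then `ca` followed by a device reboot, after which the browser test in Step 4 should pass. Run `unproxy` when you finish so the device does not keep sending traffic to a listener that is no longer there.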