Proxy: Your Window into Web Traffic

The Burp Proxy is the heart of the tool. It allows you to intercept, inspect, and modify all HTTP/S traffic passing between your browser and web servers.

Key Proxy Uses:

• Viewing Requests/Responses: See exactly what your browser sends and what the server replies.
• Modifying Traffic: Change parameters, headers, or body content on the fly.
• SSL/TLS Interception: Decrypt HTTPS traffic (requires installing Burp's CA certificate).

Repeater: Your Manual Attack Playground

Repeater allows you to take any HTTP request, modify it as much as you want, and send it over and over again, observing the response each time. It's perfect for:

• Testing for vulnerabilities manually.
• Understanding how parameters affect the response.
• Fine-tuning exploit payloads.

Together, Proxy and Repeater are fundamental for manual web testing.