Using BurpSuite with qutebrowser

Some time ago I switched to qutebrowser, a keyboard-driven browser based on QtWebEngine. Thus, I had to adapt my BurpSuite setup for WebApp pentesting.

When pentesting web applications, a MITM proxy to log HTTP(S) requests is a necessity. Although open-source alternatives exist, PortSwigger's BurpSuite is the de-facto standard in this niche.

Certificate Installation

To be able to MITM TLS-encrypted connections without certificate errors, you first need to install Burp's locally generated CA certificate.

Like Chromium and Firefox, qutebrowser checks the user-local NSS Database at ~/.pki/nssdb/ for certificates. Using certutil, you can install the certificate like this:

$ certutil -d "sql:$HOME/.pki/nssdb" -A -i ~/Downloads/cacert.der -n "Burp Suite CA" -t C,,

Proxy Setup in Qutebrowser

Next thing you'll need is a proxy setup for qutebrowser. A proxy can easily be set using:

:set content.proxy http://127.0.0.1:8080/

In order to enable and disable "burp-mode" faster, you can use aliases:

:set aliases '{ "burp": "set content.proxy http://127.0.0.1:8080/", "noburp": "set content.proxy system" }'

Now you can simply type

:burp

to start sending the requests via the proxy.

When you type

:noburp

the browser will use the system proxy again.