I love shooting Huntsville Ballet during tech week. This year’s Unplugged featuring the world premier of Phillip Otto’s The Letter.
Huntsville has a great way of keeping local history alive, stroll around Maple Hill Cemetery meeting characters from our past on a beautiful fall day. The weather was great so the afternoon sun was terrible for pictures and so were the crowds. Still, I shot a few I wasn’t too unhappy with.
I recently had to test a REST API with Burp Suite with a couple of unusual conditions. The first was I had a thick client to talk to the API that had no understanding of proxies. I could use curl to do the same thing but the client was still something I wanted to test. The second was the only access I had to target server was via SSH to a gateway system to get into the network the target was on. I knew I could tunnel Burp over SSH and I knew I could set up Burp as an invisible proxy. There are how tos out there about doing either thing separately but I didn’t find anything about doing them together. It took some trial and error with varying levels of success until I managed land at this solution that gave me the best results. Continue reading “Using Burp Suite as an Invisible Proxy Tunneled Over SSH”