PortSwigger Watch on YouTube

How to resend individual requests with Burp Repeater

3 min read 3 hours ago
Published on Oct 19, 2025 This response is partially generated with the help of AI. It may contain inaccuracies.

Table of Contents

Introduction

This tutorial will guide you through the process of resending individual requests using Burp Repeater, a powerful tool within Burp Suite. This functionality is essential for manually manipulating and analyzing HTTP and WebSocket messages, allowing you to understand how applications respond to various requests. By the end of this guide, you'll have the skills to effectively use Burp Repeater for your security testing needs.

Step 1: Setting Up Burp Suite

Before you can use Burp Repeater, ensure that you have Burp Suite installed and configured properly.

  • Download and Install Burp Suite: Visit the PortSwigger website and download the latest version.
  • Configure Your Browser: Set up your browser to use Burp as a proxy. Typically, this involves:
    • Setting the browser's proxy settings to 127.0.0.1 and port 8080.
    • Installing the Burp CA certificate for HTTPS traffic interception.

Step 2: Capturing a Request

To resend a request in Burp Repeater, you first need to capture an HTTP request.

  • Start Intercepting Traffic:

    • Open Burp Suite and go to the "Proxy" tab.
    • Ensure "Intercept is on" to capture requests as you browse.

  • Navigate to the Target Website: Use your browser to visit the website you want to test. Burp will capture the requests made by your browser.

  • Send Request to Repeater:

    • In the "Proxy" tab, find the request you want to resend.
    • Right-click on the desired request and select "Send to Repeater."

Step 3: Using Burp Repeater

Now that you have sent a request to Burp Repeater, you can manipulate and resend it.

  • Open Burp Repeater: Go to the "Repeater" tab in Burp Suite.

  • View the Request: You will see the request you sent from the proxy.

  • Modify the Request as Needed:

    • Change HTTP methods (GET, POST, etc.).
    • Edit the URL, headers, or body of the request.

  • Send the Request:

    • Click the "Send" button to resend the modified request.
    • Review the response provided in the lower section of the Repeater interface.

Step 4: Analyzing Responses

After resending requests, you need to analyze the responses to identify potential issues or vulnerabilities.

  • Check Status Codes: Look for HTTP status codes (e.g., 200, 404, 500) to determine the outcome of your request.
  • Review Response Body: Examine the returned data for any security flaws or anomalies.
  • Compare Responses: Use the "Compare" feature to see differences between responses from different requests.

Step 5: Iterating on Requests

You may want to resend requests multiple times with different parameters.

  • Continuously Modify Requests: Keep adjusting the request parameters and headers based on your findings.
  • Utilize Sessions: If applicable, maintain session tokens or cookies to ensure your requests remain valid.

Conclusion

You have now learned how to effectively use Burp Repeater to capture, modify, and resend HTTP requests. This tool is invaluable for web application testing, allowing you to test various inputs and analyze responses for vulnerabilities. As you become more familiar with Burp Suite, consider exploring additional features such as Burp Intruder and Scanner for more comprehensive security assessments. Happy testing!

Table of Contents

Recent