Burp Suite Session Poisoning

I am unfortunately not talking about poisoning a session to which you are connected – I’m talking about poisoning yourself during a session capture. I use Iceweasel on Kali Linux, and since it is essentially the same thing as Firefox, it copies the default behavior of showing you previews of other websites whenever you open a new tab. So I would open a new tab to try another page in isolation and would watch the site map explode with all sorts of annoying websites such as jQuery, Microsoft, ad sites, even Facebook, so I changed the settings to show a blank page instead.

I won’t knock on Offensive Security for not wanting to custom compile their own settings into Iceweasel for every distribution, but if you are using Kali, you may want to think about this before doing any application testing. It’s merely an annoyance at first, but I’m recording it so I don’t forget next time (I have some version of Kali on almost every device I own, whether as a dual-boot option, a virtual machine, or the base operating system).
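
The blank-new-tab setting described above can be pinned in the browser profile's user.js so it is re-applied on every start and carries over to a fresh install. This is an added example, not from the original post: the function name `blank_newtab` is hypothetical, the three preference names are Firefox's, and it is an assumption that the Iceweasel build in use honors them (`browser.newtab.url` only applies to releases before Firefox 41).

```shell
#!/bin/sh
# Added example: pin a blank new-tab page in a Firefox/Iceweasel profile so
# opening a tab does not generate requests that land in the proxy's site map.

# Preferences to enforce, one per line. Assumption: the installed build
# honors them; browser.newtab.url is ignored from Firefox 41 onward.
NEWTAB_PREFS='user_pref("browser.newtabpage.enabled", false);
user_pref("browser.newtab.preload", false);
user_pref("browser.newtab.url", "about:blank");'

# blank_newtab <profile_dir>
# Appends each missing preference to <profile_dir>/user.js.
# Idempotent: a line that is already present is not written again.
blank_newtab() {
    profile_dir=$1
    [ -d "$profile_dir" ] || { echo "no such profile: $profile_dir" >&2; return 1; }
    userjs="$profile_dir/user.js"
    touch "$userjs"

    # If an existing user.js lacks a final newline, add one so the first
    # appended preference does not fuse with the previous line.
    if [ -s "$userjs" ] && [ -n "$(tail -c1 "$userjs")" ]; then
        echo >> "$userjs"
    fi

    printf '%s\n' "$NEWTAB_PREFS" | while IFS= read -r pref; do
        grep -qxF -- "$pref" "$userjs" || printf '%s\n' "$pref" >> "$userjs"
    done
}

# Usage (the path is a placeholder for your own profile directory):
#   blank_newtab "/path/to/profile"
```

Close the browser before running it, since user.js is only read at startup.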