You’ve done everything right:
- Set the browser proxy to 127.0.0.1:8080
- Opened Burp Suite and enabled Intercept
- Installed Burp CA certificate in browser
But still… Burp is NOT capturing any requests!
This issue confuses even experienced cybersecurity students. The solution is often not mentioned in typical YouTube or blog tutorials.
Common Mistake:
Modern browsers like Chrome and Firefox use DOH (DNS over HTTPS) and QUIC (HTTP/3) protocols that bypass system proxy settings.
- Disable QUIC protocol in your browser
- For Chrome, visit:
chrome://flags/#enable-quic → Set to Disabled
- For Chrome, visit:
- Disable DNS over HTTPS (DoH):
- For Firefox:
about
references#general → Scroll down to Network Settings → Uncheck Enable DNS over HTTPS
- For Firefox:
- Ensure only one active network adapter is using proxy.
- Some VPNs and security tools install hidden adapters that bypass Burp. Disable those from Control Panel > Network.
- Restart Burp Suite and your browser.
- Try again — now Intercept should work perfectly.
Why This Matters:
- Not intercepting means no traffic visibility, killing your testing efficiency.
- Many tutorials skip browser-level protocols like DoH/QUIC.
- As of 2025, most browsers have these enabled by default.
