Tip
I strongly recommend using the built-in Burp Suite Browser, since it already has proxy and SSL interception set up. Also, it’s always best to keep your “hacker” and “normie” tools/identities as separate as possible!
That said… The Burp Suite browser is compiled as an x86_64 binary on Linux, and thus doesn’t work on a Raspberry Pi or in a Linux VM running on M-series Apple devices. So it’s likely that you’ll run into situations where you’ll still need to use Firefox.
First, make the following changes to Firefox’s settings:
- Settings → General → Network Settings → Settings… → Manual proxy configuration → (Set the “HTTP Proxy” to 127.0.0.1:8080 and check “Also use this proxy for HTTPS”)
- Settings → Privacy & Security → Browser Privacy → Logins and Passwords → Ask to save logins and passwords for websites → Off
- Settings → Privacy & Security → Browser Privacy → History → Use custom settings for history → Always use private browsing mode → On
Then install the Burp Suite CA certificate:
- Start Burp Suite.
- Go to http://127.0.0.1:8080.
- Click on the “CA Certificate” link in the upper right to download Burp Suite’s certificate.
- Go to Settings → Privacy & Security → Security → Certificates → View Certificates…
- Import the Burp Suite CA certificate and check “Trust this CA to identify websites.”
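The proxy, password and private-browsing settings from the first list can also be written into a dedicated Firefox profile as a `user.js` file, which keeps the testing browser separate from everyday browsing. The script below is an added example, not part of the original page; the profile path and function names are assumptions, and the CA certificate still has to be imported in that profile as described above.

```shell
#!/bin/sh
# Added example (not from the original page): apply the Firefox settings
# listed above to a dedicated profile through a user.js file.

# Write the prefs. $1 = profile directory (hypothetical path, chosen by you),
# $2 = proxy host, $3 = proxy port (defaults match the page: 127.0.0.1:8080).
write_burp_userjs() {
    profile_dir=$1
    host=${2:-127.0.0.1}
    port=${3:-8080}
    [ -n "$profile_dir" ] || { echo "usage: write_burp_userjs DIR [HOST] [PORT]" >&2; return 2; }
    case $port in ''|*[!0-9]*) echo "port must be numeric" >&2; return 2 ;; esac
    mkdir -p "$profile_dir" || return 1
    cat > "$profile_dir/user.js" <<EOF
// Manual proxy configuration, also used for HTTPS
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "$host");
user_pref("network.proxy.http_port", $port);
user_pref("network.proxy.ssl", "$host");
user_pref("network.proxy.ssl_port", $port);
user_pref("network.proxy.share_proxy_settings", true);
// Ask to save logins and passwords: off
user_pref("signon.rememberSignons", false);
// Always use private browsing mode: on
user_pref("browser.privatebrowsing.autostart", true);
EOF
}

# Return 0 only if every pref above is present in the profile's user.js.
check_burp_userjs() {
    f=$1/user.js
    [ -r "$f" ] || return 1
    for pref in network.proxy.type network.proxy.http network.proxy.http_port \
        network.proxy.ssl network.proxy.ssl_port network.proxy.share_proxy_settings \
        signon.rememberSignons browser.privatebrowsing.autostart; do
        grep -q "user_pref(\"$pref\"," "$f" || return 1
    done
}

# Run as a script: ./burp-profile.sh "$HOME/burp-firefox-profile"
# then start Firefox with: firefox --no-remote --profile "$HOME/burp-firefox-profile"
if [ "$#" -gt 0 ]; then
    write_burp_userjs "$@" && check_burp_userjs "$1"
fi
```

Firefox reads `user.js` at every start, so these values are reapplied even if they are changed in the Settings UI during a session.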
It’s also possible to use FoxyProxy — set up Burp Suite as a togglable proxy and then import the Burp Suite CA certificate as above. I don’t like this option because I think that hacking and normal browsing activities should be kept as separate as possible.
Using Chromium on the Raspberry Pi as the Burp Suite browser might be the best option, as it aligns more with Burp Suite’s built-in (x86_64) browser. Unfortunately, Chromium’s certificate import functionality appears to be broken on Kali Linux ARM right now.