If you're using Kali Linux on WSL (Windows Subsystem for Linux) and want to capture or analyze its traffic in Burp Suite, you may run into challenges. Routing traffic from WSL to Burp Suite on a Windows host can be tricky due to firewall restrictions. In this guide, we'll walk you through the complete process of proxying Kali WSL traffic through Burp Suite installed on your Windows machine.
Understanding WSL and Its Network Structure
WSL allows you to run Linux distributions directly on Windows without needing a virtual machine or dual boot. While WSL shares networking resources with the Windows host, configuring its traffic to pass through external applications like BurpSuite requires some tweaks.
Prerequisites for Proxying WSL Traffic
A Windows machine with WSL installed.
Kali Linux set up in WSL.
BurpSuite installed on Windows.
Step 1: Install and Set Up Kali Linux on WSL
Open PowerShell as Administrator.
Install Kali-linux using:
Copywsl --install -d kali-linux
3. Update and upgrade packages:
Step 2: Install BurpSuite on Windows
Download BurpSuite from the official website.
Follow the installation instructions.
Launch BurpSuite and ensure it's ready for proxying
Step 3: Identifying system IP Addresses
On the Windows host open PowerShell or Command Prompt and run:
Locate the IPv4 Address under Ethernet adapter vEthernet (WSL (Hyper-V firewall)) on your Windows machine. Copy this IP address and run a ping test from Kali WSL to check if the host is reachable.
The first time you try to ping this IP to test connectivity it won't work because the Windows firewall blocks all incoming requests by default.
Step 4: Configure Windows Network for WSL
Open Windows Defender Firewall.
Go to Advanced Settings.
Disable firewall protection for both Domain, Private and Public networks under the WSL interface by uncheck the vEthernet (WSL (Hyper-V firewall)) box and click apply and Ok.
Now from Kali WSL try pinging the host's IP address to verify network connectivity. You should see a response indicating that the host is reachable.
Step 5: Testing Traffic with wget
Now test the proxy by running the following wget command in Kali WSL
If you see a response like this, it means your proxy is successfully configured with the WSL IP
Step 6: Configure BurpSuite as a Proxy listener
Open BurpSuite and go to Proxy → Options.
add a new listener on [host_ip]:8080.
Click on specific address and select WSL host IP address.
To further confirm that Burp Suite is capturing the requests try using a tool like ffuf or sqlmap with the proxy configured For example:
Now you'll see all the WSL traffic routed through Burp Suite, allowing you to inspect, intercept and analyze the requests.
Why Use BurpSuite for Proxying WSL Traffic?
Analyze HTTP/HTTPS requests in real-time.
Useful for penetration testing.
Debug and monitor web applications.
Inspect API requests and responses
Conclusion
By following these steps you can successfully route traffic from WSL through Burp Suite, allowing for effective interception and analysis. Whether for penetration testing, debugging or learning, this setup is invaluable for security professionals
Copy╭─[coffinxp@Lostsec]─[~] (WSL at )─[ 76%]─[21,08:28]
╰─ ping 172.23.96.1
PING 172.23.96.1 (172.23.96.1) 56(84) bytes of data.
64 bytes from 172.23.96.1: icmp_seq=1 ttl=128 time=0.409 ms
64 bytes from 172.23.96.1: icmp_seq=2 ttl=128 time=2.00 ms
64 bytes from 172.23.96.1: icmp_seq=3 ttl=128 time=1.52 ms
64 bytes from 172.23.96.1: icmp_seq=4 ttl=128 time=3.00 ms
64 bytes from 172.23.96.1: icmp_seq=5 ttl=128 time=0.402 ms
64 bytes from 172.23.96.1: icmp_seq=6 ttl=128 time=0.348 ms
64 bytes from 172.23.96.1: icmp_seq=7 ttl=128 time=2.18 ms
64 bytes from 172.23.96.1: icmp_seq=8 ttl=128 time=1.59 ms
64 bytes from 172.23.96.1: icmp_seq=9 ttl=128 time=2.43 ms
64 bytes from 172.23.96.1: icmp_seq=10 ttl=128 time=2.26 ms
coffinxpFollow
InfoSec Write-upsandroidstudio~4 min read·March 21, 2025 (Updated: March 21, 2025)·Free: No
