you’re free to configure a number of automatic changes to be made to the responses you receive.

The options can be found in the Response Modification section of the Options sub-tab of the Proxy tab.

All of the automatic response modifications are designed to be useful for people testing websites.

Note: Burp Suite has legitimate uses as a security tool.

The first option is “Unhide hidden form fields”, which comes with the sub-option “Prominently highlight unhidden form fields”.

Hidden form fields generally contain a preconfigured data value, such as a user ID.

“Remove input field length limits” removes any restrictions on how many characters can be submitted via a form field.

This may cause unexpected behaviour in websites that expect only a certain length of input.

“Remove all JavaScript” deletes all JavaScript from the webpage.

This option is intended to disable client-side logic.

“Convert HTTPS links to HTTP” automatically downgrades encrypted links to plaintext ones.

This can be useful for testing SSLStrip-type attacks and verifying that the website upgrades plaintext requests.

This could assist with leaking authentication tokens and other sensitive cookies when performing SSLStrip-type attacks.
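
Whether a site upgrades plaintext requests and keeps its cookies off plaintext connections can be checked from the defender's side by auditing the response headers. The following is an added example, not part of the original article or of Burp Suite; the function names and the sample responses are constructed for illustration.

```python
REDIRECTS = {301, 302, 303, 307, 308}

def header_values(headers, name):
    """All values of a header, matched case-insensitively."""
    return [v for k, v in headers if k.lower() == name]

def hsts_max_age(headers):
    """max-age from Strict-Transport-Security, or 0 if absent or malformed."""
    for value in header_values(headers, "strict-transport-security"):
        for directive in value.split(";"):
            key, _, val = directive.strip().partition("=")
            if key.lower() == "max-age" and val.strip('"').isdigit():
                return int(val.strip('"'))
    return 0

def insecure_cookies(headers):
    """Names of cookies whose Set-Cookie header lacks the Secure attribute."""
    names = []
    for value in header_values(headers, "set-cookie"):
        pair, *attrs = [part.strip() for part in value.split(";")]
        if "secure" not in {a.partition("=")[0].lower() for a in attrs}:
            names.append(pair.partition("=")[0])
    return names

def audit_transport(http_resp, https_resp):
    """Each response is (status, [(header, value), ...]); returns a list of findings."""
    findings = []
    status, headers = http_resp
    target = "".join(header_values(headers, "location")[:1]).lower()
    if status not in REDIRECTS or not target.startswith("https://"):
        findings.append("plaintext request not redirected to HTTPS")
    # Browsers only honour HSTS when it arrives over HTTPS, so check that response.
    if hsts_max_age(https_resp[1]) == 0:
        findings.append("no effective HSTS policy on HTTPS response")
    for name in sorted(set(insecure_cookies(headers) + insecure_cookies(https_resp[1]))):
        findings.append(f"cookie '{name}' set without Secure")
    return findings

# Constructed sample responses (not captured from any real site).
WEAK_HTTP = (200, [("Content-Type", "text/html"), ("Set-Cookie", "session=abc123; Path=/; HttpOnly")])
WEAK_HTTPS = (200, [("Set-Cookie", "session=abc123; Path=/; HttpOnly")])
GOOD_HTTP = (301, [("Location", "https://shop.example/")])
GOOD_HTTPS = (200, [("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
                    ("Set-Cookie", "session=abc123; Path=/; HttpOnly; Secure")])

if __name__ == "__main__":
    for label, pair in (("weak", (WEAK_HTTP, WEAK_HTTPS)), ("hardened", (GOOD_HTTP, GOOD_HTTPS))):
        print(label, audit_transport(*pair))
```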