Testing HSTS-protected Web Applications with BurpSuite

  1. Use Firefox.
  2. Set up Burp as the proxy in the Firefox settings.
  3. Open https://pro.portswigger.net/ (this site is not HSTS-protected).
  4. You will get the "certificate not trusted" message.
  5. Click "Add Exception".
  6. Change the tab from "General" to "Details".
  7. Highlight PortSwigger CA so that it turns blue, then click "Export".
  8. Once it is exported, close the window and the tab underneath.
  9. Go to the Firefox options, click "Advanced" and then "View Certificates".
  10. Select the "Authorities" tab and click "Import". Import the certificate you exported before, and make sure you tick the "Trust this CA to identify websites" option before pressing OK.
  11. Now you can close this menu and load your HSTS-protected website :)
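Steps 3 and 11 depend on knowing whether a site is HSTS-protected. The following is an added example, not part of the original note: it parses a `Strict-Transport-Security` response header according to RFC 6797 and reports whether it sets an active policy. The function names and the sample headers are constructed for illustration.

```python
import re

def parse_hsts(header_value):
    """Parse one Strict-Transport-Security value (RFC 6797, section 6.1).

    Returns a dict describing the policy, or None when the header is
    malformed and a browser would ignore it.
    """
    seen = {}
    for part in header_value.split(";"):
        part = part.strip()
        if not part:
            continue  # empty directives (such as a trailing ';') are allowed
        name, _, value = part.partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]  # a value may be sent as a quoted-string
        if name in seen:
            return None  # a repeated directive invalidates the whole header
        seen[name] = value
    if not re.fullmatch(r"[0-9]+", seen.get("max-age", "")):
        return None  # max-age is required and must be a non-negative integer
    return {
        "max_age": int(seen["max-age"]),
        "include_subdomains": "includesubdomains" in seen,
        "preload": "preload" in seen,
    }

def is_hsts_protected(headers):
    """True when the (name, value) headers of an HTTPS response set a live policy."""
    for name, value in headers:
        if name.lower() == "strict-transport-security":
            policy = parse_hsts(value)  # only the first STS header is processed
            # max-age=0 tells the browser to delete any stored policy
            return policy is not None and policy["max_age"] > 0
    return False

if __name__ == "__main__":
    # Constructed sample response headers, not captured from a real site.
    sample = [
        ("Content-Type", "text/html"),
        ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ]
    print(is_hsts_protected(sample), parse_hsts(sample[1][1]))
```

The response headers Burp shows in its HTTP history can be checked this way; the header only counts when it arrives over HTTPS.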


Inspired by this video