Burp Suite Certified Practitioner
Tips & tricks, a long journey
How to prepare https://portswigger.net/web-security/certification/how-to-prepare
Make sure you did not miss these labs https://portswigger.net/web-security/certification/how-to-prepare/practitioner-labs-prep-step-one
Take notes, from all labs, for example in cherrytree to quickly repeat learned attacks
Mystery Challenges - Sharp your pentest skills
Test your speed and improve your methodology
https://portswigger.net/web-security/certification/burp-challenge
Example Practice Exam https://portswigger.net/web-security/certification/practice-exam
Read Exam hints https://portswigger.net/web-security/certification/exam-hints-and-guidance
Pentest Arsenal
Labs cheet sheets, wordlists and tools. All you need in your pentest deck.
All labs
Remember you can seek out exploitation steps when you are lost
https://portswigger.net/web-security/all-labs
Username list
https://portswigger.net/web-security/authentication/auth-lab-usernames
Password list
https://portswigger.net/web-security/authentication/auth-lab-passwords
SQL Injection Cheat sheet
https://portswigger.net/web-security/sql-injection/cheat-sheet
XSS Cheat sheet
https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
Obfuscation techniques
https://portswigger.net/web-security/essential-skills/obfuscating-attacks-using-encodings
Software
ysoserializer
HTTP Request smuggler extension
Exam Review - Tips & Tricks
Exam review from those who passed the exam
Last updated
Was this helpful?