# Burp Suite Certified Practitioner

**How to prepare**\
<https://portswigger.net/web-security/certification/how-to-prepare>

**Make sure you did not miss these labs**\
<https://portswigger.net/web-security/certification/how-to-prepare/practitioner-labs-prep-step-one>

Take notes, from all labs, for example in cherrytree to quickly repeat learned attacks

**Mystery Challenges - Sharp your pentest skills**

Test your speed and improve your methodology

<https://portswigger.net/web-security/certification/burp-challenge>

**Example Practice Exam**\
<https://portswigger.net/web-security/certification/practice-exam>

\
**Read Exam hints** \
<https://portswigger.net/web-security/certification/exam-hints-and-guidance>

## Pentest Arsenal

Labs cheet sheets, wordlists and tools. All you need in your pentest deck.

### All labs

Remember you can seek out exploitation steps when you are lost

<https://portswigger.net/web-security/all-labs>

### Username list

<https://portswigger.net/web-security/authentication/auth-lab-usernames>

### Password list

<https://portswigger.net/web-security/authentication/auth-lab-passwords>

### SQL Injection Cheat sheet

<https://portswigger.net/web-security/sql-injection/cheat-sheet>

### XSS Cheat sheet

<https://portswigger.net/web-security/cross-site-scripting/cheat-sheet>

### Obfuscation techniques

<https://portswigger.net/web-security/essential-skills/obfuscating-attacks-using-encodings>

## Software

ysoserializer

```
wget 
https://github.com/frohoff/ysoserial/releases/latest/download/ysoserial-all.jar

```

HTTP Request smuggler extension

## Exam Review - Tips & Tricks

Exam review from those who passed the exam

{% embed url="<https://micahvandeusen.com/burp-suite-certified-practitioner-exam-review/>" %}

{% embed url="<https://www.linkedin.com/pulse/how-get-burp-suite-certified-practitioner-without-die-romano-ubalde>" %}

{% embed url="<https://github.com/DingyShark/BurpSuiteCertifiedPractitioner>" %}

{% embed url="<https://github.com/botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study>" %}

{% embed url="<https://gauravnarwani.com/burp-suite-certified-practitioner-exam-review/>" %}