If there are any steps or processes outlined on this page that you are not 100% comfortable with, we highly recommend that you go back and practice those skills before either attempting the practice exam or booking your certification exam.
The Burp Suite Certified Practitioner exam is designed to demonstrate and prove your ability to detect and exploit common web vulnerabilities. Although the exam itself must be completed within a set time frame, it emphasizes problem-solving over speed.
Put your focus on truly understanding a vulnerability class or exploit. If you can perform the required skills at speed, you may take that as an indicator that you are in a position to take the exam.
Before you are ready to attempt the Burp Suite Certified Practitioner exam, you should be comfortably able to complete all of the labs within the Web Security Academy labeled "Practitioner" or lower. There is no set time frame for completing the labs, but you must be able to do so without requiring access to the solutions provided.
In addition, we strongly advise that you fully familiarize yourself with the exploiting XSS labs within the XSS topic. To successfully pass the Burp Suite Certified Practitioner exam, you'll need to be able to capably perform the exploits outlined within those materials.
We've created a practice exam, to support your preparation for the final exam. This is designed to simulate the environment of a real test situation, and will cover a variety of vulnerability classes and exploits. The practice exam is there to allow you to get used to the format the real exam will use. It should also help you to gauge the difficulty level of the exam, and therefore judge for yourself whether you are at the required skill level to gain the certification.
There are no restrictions on the amount of times you may take the practice exam, and you may also quit the test simulation and begin again.
Please note that you will need access to Burp Suite Professional to pass the exam challenges. Get a subscription to Burp Suite Professional now, if you don't already have one.
To successfully pass the Burp Suite Certified Practitioner exam, you must be able to use Burp Suite Professional at a competent level. The basic skills we expect you to demonstrate, using the many functionalities of Burp Suite Professional, are as follows:
Quickly identify weaknesses and potential attack points.
Confidently use Burp Suite's manual tools to aid exploitation.
Utilize the correct tools to perform out-of-band attacks.