9:52 ysoserial, PHPGGC (deserialisation vulns). Burp Extensions: HTTP Request Smuggler; Param Miner, JWT Editor, JSMiner, Host Header Inchecktion, Java Deserialization Scanner, Content Type Converter; SQLmap
Nice! ✅Hackvertor highly recommended too!
congrats \o/ I see my BSCP github Lab cheatsheet 1: noted in your video description, thanks, glad it came up in your research and glad if it helped breaking down the stages
It was awesome, thanks! I came across some of my own videos/writeups on a cheatsheet while I was revising, might have been yours. Full learning circle, love to see it 😅
Not all heroes wear capes.
Good timing, bought my Exam Voucher yesterday :D
Thanks for the insights.
Perfect, good luck! 🤞
how was the exam ?!
Glad to see you’re uploading fairly regularly, I found your binex playlist and man it’s been immensely helpful, keep it up man! You do a great job breaking things down and explaining things.
Thanks mate! Appreciated 🥰
Thanks for the feedback. You gave me the motivation to pass it.
Awesome!! 💜
Awesome review, man!
Thank you! 🙏
That's one valuable piece of info, mate.
Thx
🙏🥰
Very useful video. Thank you, CryptoCat! 🙏🚩
Thank you! Glad you liked it 🥰
Thanks for the review. These labs used to load so fast, but now it takes forever to load /my-account, and even times out. Must be the traffic due to this video 😅
Hahaha sometimes they are slow for me as well! The worst is when they crash and you can't restart xD
@@_CryptoCat The exam is fast though right? They give you a private network for the exam, through a VPN or otherwise?
@@ismailmatrix1 There's no VPN, it's a similar setup to the practice exams. I didn't notice any performance issues though, they probably take resource allocation more seriously for the exam.
Thanks for the vid, if you can, what are the differences and similarities between this cert and the CBBH from HTB? Are you familiar with that course/have you taken it? Trying to do both and wondering what I will get separately from each course/cert
I did the CBBH course (completing CPTS will get you 60% through) but not the exam. I would say BSCP is purely focused on finding and exploiting all types of web vulnerabilities. CBBH is focused on bug bounty so there is more about methodology, recon, reporting etc and some more realistic scenarios but it won't have as many labs per vulnerability class.
Hello, your video is really helpful for someone who's currently taking the academy and planning to take the exam. I just have a question, since the exam and some labs need to have Burp Pro, can I just use their free trial of pro when taking the exam? Cause if I'm going to pay that price + the exam, I will take first the CPTS or PNPT considering the cost. But if I can take advantage of burp pro trial, definitely will take BSCP first. Thanks!
Hey, I covered a little around 1:33 as when I was researching this I found mixed reports coming from Portswigger themselves. In one case they said you can use a trial, in another they said you need a valid license. They probably don't want to advertise it so as not to affect sales, but I'd guess you probably would get away with using the trial..
SSRF on localhost:6566 means that there will be no local network fuzzing in the exam? thank you for this video, super helpful!
Exactly! No problem 💜
Thanks for the detailed breakdown as usual. If I may, one question.
Currently working as a network admin and I am looking to get into pentesting. Most people say that it's easier to get into web app pentesting as there is more demand, however should I still pursue network pentesting as it's closer to my background?
Thanks mate! Good question, but one only you can answer. I don't think you'll have a problem finding work in either field, if you are good at what you do. The most skilled people are generally those who are passionate about the subject, so if you feel more interested in web then don't worry if you won't put your networking experience to best use (I say "best", because even if you move to web, the network pentesting experience will be helpful). On the other hand, if you feel more passionate about networking, don't switch to web just because there might be more work/money.
TLDR; work hard on what you enjoy and the work/money will follow. Besides, many pentesting jobs involve a mix of these topics. One client might request a website pentest, another a network, another a mobile app.. or maybe a combination of all 🙂
@@_CryptoCat thanks, really appreciate the input
Congrats! I will attempt my first exam soon, but I still struggle with some obfuscation in the practice exams (XSS). I generally feel confident with XSS and XXE, but since I'm really new to the field and don't have much (if any) web development experience, I feel like I'm missing out on some JavaScript and XML built-in functions and syntax that can be used to obfuscate.
To my question: Was that a big part of your exams? Do you have some resources that might help with that?
Thank you! Best of luck with the exam 🤞 On the obfuscation, portswigger recommend this article for the exam: portswigger.net/web-security/essential-skills/obfuscating-attacks-using-encodings, I'd also recommend reviewing the labs that require obfuscation. I can't say much about the final exam (and both my attempts were different vulns anyway) but the practice exams are a good idea of what to expect - IIRC in those you don't have to deal with obfuscation blindly, e.g. there is some feedback to say something like "attack detected" or you can see some characters/keywords being stripped out, so you know where to focus your obfuscation techniques on, e.g. if there's an indication that some chars are blocked, you could fuzz through the possible chars and make a list of which ones trigger an error and which don't, then try different encodings until you no longer see errors.
you're my favourite
💜
Hello! Thanks for the detailed review. However, I am still not sure whether to go for CBBH or BSCP first. I know BSCP is much cheaper, but since I need Burp Pro to finish all the Academy labs and for the exam, I think it would be necessary to get a 1-year subscription. Would it still be worth it to go first with BSCP instead of CBBH considering that the prices could be similar for both with the Burp Pro subscription + exam voucher cost?
Hmmmm good question! I haven't done the CBBH exam but I did finish the course. First thing I'll say is they're both good, but very different. Portswigger will teach you everything you need to know about web vulns and exploits, but not much about the methodology of hunting. CBBH will go more into things like scope, recon, reporting etc.
Personally, I would recommend BSCP first - the labs and material on portswigger are the gold standard IMO, everyone interested in web hacking should complete them. The exam is very fairly priced, but will probably continue to rise as it becomes more established. I know you mention the price of burp but consider you could:
a) Use burp pro 1 month trial
b) At least get the benefits of having a year of burp pro, e.g. for bug bounty hunting
Up to you though, CBBH is also very good!
@@_CryptoCat Thank you for the quick response. I hadn't considered the benefits of having a Burp Pro subscription for bug bounty, so that's definitely useful. But yeah, like you said, BSCP is still at a fair price and Portswigger is pretty well known, so I think I'm going to take advantage of that. Thanks again for the advice 🙌🏼
@@xm4nd0 No problem mate, best of luck! 🤞
hi ty for ur tutorial, i see that u shared the completion of the challenge cubebreaker on htb, can u help me with some hint? I escaped the box and bypassed the check for coordinates, so now i can move free outside the box, but it seems like the cube outside doesn’t have collisions, any help?
Did you get it solved? You can DM me on discord if needed
How many times can you take the exam once you have bought the voucher?
You get one attempt per exam voucher but I don't think there are any limits on how many times you can take the exam. I read some reports on reddit of people taking the exam ~10 times (it used to be a lot cheaper lol).
hey .. no one says going with cracked burp version 😁😂
😬😬😬
@@_CryptoCat can we use it?
@@studiospan6426 I mean.. it's illegal 😅
Burp Suite Certified *Practitioner
WTF 😂 Thanks!
will never pay every 5 years. Feels like a church. needs money.