PortSwigger Certification

PortSwigger Burp Suite Certified Practitioner (BSCP) Practice Test

Prepare for the Burp Suite Certified Practitioner exam with free practice tests focused on Burp Suite Professional workflows, web exploitation logic, and Practitioner-level vulnerability classes.

14Practice Tests
280Total Questions
9Topics Covered
100%Free Forever

Domain Wise — BSCP Mock Tests

Target individual BSCP preparation areas with focused practice. PortSwigger does not publish official topic percentage weights for the live exam, so the weights below are study-planning estimates based on the common Web Security Academy areas most relevant to BSCP preparation.

D1
Fundamental Web Technologies
HTTP requests and responses, cookies, sessions, browser security controls, same-origin policy, and request routing fundamentals
10% Study Weight Start Test →
D2
Burp Suite Functionality
Proxy, Repeater, Intruder, Scanner, Collaborator, project files, site maps, and efficient manual testing workflows
15% Study Weight Start Test →
D3
Cross-Site Scripting (XSS)
Reflected, stored, and DOM XSS, context breaking, browser execution, exploit server use, and session theft scenarios
15% Study Weight Start Test →
D4
SQL Injection
Union, error-based, boolean-based, and time-based SQL injection, database enumeration, and credential extraction
15% Study Weight Start Test →
D5
Cross-Site Request Forgery (CSRF)
CSRF tokens, SameSite cookie behavior, state-changing requests, Referer checks, and practical bypass patterns
8% Study Weight Start Test →
D6
XML External Entity Injection (XXE)
External entity abuse, XML parser behavior, local file disclosure, blind XXE, and out-of-band interaction techniques
8% Study Weight Start Test →
D7
Directory Traversal
Path normalization, encoding tricks, OS path differences, file disclosure, and safe proof-of-impact extraction
8% Study Weight Start Test →
D8
Server-Side Request Forgery (SSRF)
Loopback services, internal-only targets, URL parsing issues, blind SSRF, cloud metadata, and Collaborator-based validation
10% Study Weight Start Test →
D9
Adapting Attacks to Bypass Defenses
Encoding, payload mutation, broken defensive filters, WAF-aware testing, and adapting known attacks to constrained targets
11% Study Weight Start Test →

About the BSCP Certification Exam

The Burp Suite Certified Practitioner is a practical certification for web security professionals who want to prove they can use Burp Suite Professional to find, exploit, and validate real application vulnerabilities.

What Is the BSCP?

The Burp Suite Certified Practitioner (BSCP) is PortSwigger's official certification for web security professionals. It validates deep knowledge of web vulnerability classes, the ability to exploit them with the right testing mindset, and practical skill with Burp Suite Professional.

The exam is aimed at penetration testers, application security testers, bug bounty hunters, and security consultants who need hands-on proof of web exploitation ability. It is especially useful for roles such as Web Application Penetration Tester, Application Security Engineer, Security Consultant, Bug Bounty Hunter, and Product Security Analyst.

In the United States, the Bureau of Labor Statistics reports a median annual wage of $124,910 for information security analysts, with the top 10 percent earning more than $186,420. Specialized web application security and penetration testing roles may vary by location, seniority, employer, and consulting experience.

Exam Format (2026)

Testing method: Online practical exam with automated proctoring and identity verification.

Applications: Two intentionally vulnerable web applications.

Duration: 4 hours.

Question types: Hands-on exploitation tasks, not multiple-choice questions.

Objective structure: Each application has three stages: access a user account, access the admin interface, and read the target secret file.

Passing score: PortSwigger does not publish a numeric scaled score; results are practical pass or fail.

Exam fee: The exam price is shown in the PortSwigger account checkout and is available in USD, GBP, and EUR. A valid Burp Suite Professional license is required.

Eligibility Requirements

Formal prerequisites: PortSwigger does not publish a required degree, job title, or years-of-experience prerequisite for BSCP.

Required account: You need a PortSwigger user account to purchase and start the certification exam.

Software requirement: You must have access to an active Burp Suite Professional license at the time of the exam.

Recommended skill level: You should be able to complete all Web Security Academy labs labeled Practitioner or lower without using the provided solutions.

Open book: The exam is open book, but you must complete it independently without help from another person.

Validity: A successful BSCP certificate is valid for five years.

BSCP Study Weights — Web Security Academy Focus Areas

PortSwigger does not publish official BSCP domain percentages. This table uses study weights to help you organize preparation across the vulnerability classes and Burp Suite skills most relevant to the practical exam.

AreaTopicStudy Weight
Topic 1Fundamental Web Technologies10%
Topic 2Burp Suite Functionality15%
Topic 3Cross-Site Scripting (XSS)15%
Topic 4SQL Injection15%
Topic 5Cross-Site Request Forgery (CSRF)8%
Topic 6XML External Entity Injection (XXE)8%
Topic 7Directory Traversal8%
Topic 8Server-Side Request Forgery (SSRF)10%
Topic 9Adapting Attacks to Bypass Defenses11%

How Our Practice Tests Are Designed

Practical-exam awareness — BSCP is not a traditional multiple-choice exam, so these quizzes do not pretend to duplicate the live test one-to-one. Instead, they strengthen the concepts, tool workflows, and exploit decision-making you need before attempting a hands-on exam.

Blueprint-style topic coverage — Mixed sets combine Burp Suite functionality, web fundamentals, XSS, SQL injection, CSRF, XXE, directory traversal, SSRF, and defense bypass logic. This helps you move between vulnerability classes rather than studying each topic in isolation.

Proportional timer — The real BSCP exam gives you 4 hours for two vulnerable applications and six exploitation stages. Because there is no official question count, each 20-question practice test uses an approximate 30-minute timer to encourage fast analysis while still giving enough time for scenario-based reasoning.

Topic-specific reinforcement — Domain-wise tests let you drill weak areas such as blind SQL injection, XSS exploitation flow, SSRF target selection, or Burp Scanner-assisted testing before returning to mixed practice.

BSCP Exam Preparation Tips

Study Strategy

Master Practitioner labs: PortSwigger recommends being able to complete every Practitioner-level Web Security Academy lab without using solutions. Treat that as the minimum readiness benchmark.

Practice exploitation chains: The exam requires more than finding a bug. You need to turn vulnerabilities into impact, such as stealing a session, extracting credentials, escalating to admin, or reading a target file.

Build payload notes: Keep a personal reference of XSS payloads, SQL injection extraction patterns, XXE structures, SSRF URL tricks, and encoding bypasses so you can move quickly during open-book testing.

Test-Taking Strategy

Follow the stages: Work in order: user access, admin access, then secret-file retrieval. Trying to jump ahead before completing the previous stage can waste valuable time.

Use Burp efficiently: Start with mapping, Repeater testing, targeted Scanner checks, and Collaborator where appropriate. A full application scan is usually not realistic inside the exam time window.

Avoid destructive actions: The exam applications contain powerful functionality. Deleting your own account or breaking core components can make the exam impossible to complete.

Frequently Asked Questions

How many questions are on the real BSCP exam?+
The real Burp Suite Certified Practitioner exam is not a multiple-choice test. It is a practical web exploitation exam with two vulnerable applications, and each application is completed through three stages: gaining user access, reaching the admin interface, and reading the target secret file.
How long is the BSCP exam?+
The BSCP exam lasts four hours. There is no pause or reset once the exam timer starts, so candidates should be comfortable using Burp Suite Professional quickly before beginning the official exam.
What is the passing score for the BSCP exam?+
PortSwigger does not publish a numeric scaled score for BSCP. The exam is assessed as a practical pass or fail based on whether you successfully exploit the required objectives and submit the required solutions during the exam process.
Are these BSCP practice tests free?+
Yes. All BSCP practice tests on Security Practice Test are free to use. Each mock test has 20 questions and is designed to help you review Burp Suite workflows, web vulnerability concepts, and exploitation logic before the practical exam.
How are the topic-wise BSCP questions distributed?+
The mixed sets combine questions from Burp Suite usage, web technologies, XSS, SQL injection, CSRF, XXE, directory traversal, SSRF, and defense bypass topics. The topic-wise tests let you focus on one area at a time before moving back to mixed practice.
Do I need Burp Suite Professional for the real BSCP exam?+
Yes. PortSwigger states that candidates need access to a valid, active Burp Suite Professional license for the certification exam. The exam is designed to test your ability to use Burp Suite Professional, not only general web security knowledge.
Can I retake the BSCP exam if I fail?+
Yes, but there is no retake button inside the exam. If you want to retake BSCP after a failed attempt, you need to purchase another exam and begin the exam process again.
Is the BSCP exam open book?+
Yes. PortSwigger describes the BSCP exam as open book, so you may use notes, books, and web resources. However, you must complete the exam without help from other people and should already be able to solve Practitioner-level Web Security Academy labs without solutions.

Ready to Test Your BSCP Knowledge?

Start with a mixed set to check your readiness, then use topic-wise practice to sharpen the vulnerability classes and Burp Suite workflows that need more review.

Start BSCP Practice Test 1 →

Authors

  • Security Practice Test Editorial Team

    Security Practice Test Editorial Team is the expert content team at SecurityPracticeTest.com dedicated to producing authoritative cybersecurity certification exam-prep resources. We create comprehensive practice tests, study materials, and exam-focused content for top security certifications including CompTIA Security+, SecurityX, PenTest+, CISSP, CCSP, SSCP, Certified in Cybersecurity (CC), CGRC, CISM, SC-900, SC-200, AZ-500, AWS Certified Security - Specialty, Professional Cloud Security Engineer, OSCP+, GIAC certifications, CREST certifications, Check Point, Cisco, Fortinet, and Palo Alto Networks exams. Our content is developed through careful review of official exam objectives, cybersecurity knowledge domains, and practical job-relevant concepts to help learners build confidence, strengthen understanding, and prepare effectively for certification success.

  • Sudhanshu Thakur - Reviewer

    Enterprise Technology and Digital Transformation Professional with 18+ years of experience in enterprise software, SaaS, industrial automation, and business consulting. Formerly associated with Rockwell Automation, Tech Mahindra, Emerson, ABB, L&T Infotech, and Hewlett Packard Enterprise.