SELLING Burp Suite Cert exam
by Crazyeights - December 02, 2021 at 05:11 AM
#1
Hello all,

Since burp exam is on sale till end of the day and they have recently changed how the exam works (you can no longer end early). I figured id sell some of the answers. They can be bought here https://sellix.io/product/61a842ad37579 using BTC, litecoin or ETH. 

For those wondering how the exam works basically you get two apps that have three sections. What I have noticed in the exam is that part 1 seems to have 8 variations of what you can get. They can be a bruteforce, reflected XSS, DOM XSS, or some poisonings. 

The second part seems to always be an SQLi if you have advanced search button. Otherwise it will be one of two other type of exploits. (They might have more but I have only seen three different ones)

The final section will always be one of the following LFI, OS command injection, XXE, SSRF or SSTI. (I have not seen anything outside these five)
The write up has everything except the SSRF as I only saw that one once.

Note: You will not be able to just copy and paste the answers into the test. The exam does randomize the GET parameters and may not be the except same name so you will have to make small tweaks. You will also have to put in your exploit-server link as specified or exam-server link where specified. 

sellix store
Reply
#2
Is there a test you can share on how to use the answers for the exam?
Reply
#3
(December 02, 2021 at 05:11 AM)Crazyeights Wrote: Hello all,

Since burp exam is on sale till end of the day and they have recently changed how the exam works (you can no longer end early). I figured id sell some of the answers. They can be bought here https://sellix.io/product/61a842ad37579 using BTC, litecoin or ETH. 

For those wondering how the exam works basically you get two apps that have three sections. What I have noticed in the exam is that part 1 seems to have 8 variations of what you can get. They can be a bruteforce, reflected XSS, DOM XSS, or some poisonings. 

The second part seems to always be an SQLi if you have advanced search button. Otherwise it will be one of two other type of exploits. (They might have more but I have only seen three different ones)

The final section will always be one of the following LFI, OS command injection, XXE, SSRF or SSTI. (I have not seen anything outside these five)
The write up has everything except the SSRF as I only saw that one once.

Note: You will not be able to just copy and paste the answers into the test. The exam does randomize the GET parameters and may not be the except same name so you will have to make small tweaks. You will also have to put in your exploit-server link as specified or exam-server link where specified. 

sellix store

PP payment maybe? pls Smile
Reply
#4
(December 02, 2021 at 06:57 PM)Gearhacks Wrote: Is there a test you can share on how to use the answers for the exam?

It would be basically the same if you did the practice exam or labs. So an example would be for the search function on the exam attempt you may get:
Testa.Example.com/?search=test. 

The answer key would say:
Testb.Example.com/?search-result=test

It would be the exact same exploit but you would have to replace the subdomain from the answer key with Testa and the parameter from search-result to search. Otherwise it's the exact same.
Reply
#5
ok, so you guarantee that with your answers you will pass the exam?

another question,

Is the exam proctored?
Reply
#6
The exam uses examity to "proctor". Basically before the exam starts you log in take a photo with your webcam, take a photo of your id with your webcam. Then they watch you enter an exam password. Once that is done you can close the proctoring tool and do the exam. They dont actually watch the exam they just confirm your identity.

As for the guarantee, I would say with my answers you most likely will pass. The exam is a random set app created from a bunch of challenges. While I have tried my best to get all the combinations I cant be 100% certain I got everything as it is random. That being said I did take the test over 20 times and I didnt see anything outside of the scenarios written above. The only one I did not get answers for is one part 3 challenge for SSRF due to them changing the exam on the last day of the sale. (You cant end early anymore meaning once you start an attempt now you are locked in for 4hours)

That being said when I gave the answer key to my colleagues both of them passed on the first attempt. So you have a high likelihood of passing on the first attempt with these solutions. Also currently if you pass Burp will send you swag as less then 100 people have finished the exam so far.
Reply
#7
if I am the first to buy, can you give me a discount?
Reply
#8
Hello

Can you please PM me your discord ID? would like to talk to you about this and pay using some alternate method.

Wishes,
Cody
Reply
#9
(December 03, 2021 at 03:49 PM)Gearhacks Wrote: if I am the first to buy, can you give me a discount?

So I already had a few people buy actually as for a discount the key is already pretty discounted. Other sellers currently are selling for $100+ and I am giving users a 50% discount of that price as i am just looking to recoop costs which i still need about 5+ sales to even break even with the fees sellrix charges.

(December 03, 2021 at 05:49 PM)xindcoderx Wrote: Hello

Can you please PM me your discord ID? would like to talk to you about this and pay using some alternate method.

Wishes,
Cody

I can PM you my discord ID if you would like to discuss further however the methods listed are the only ways I would be willing to take payment. This is just more safe from fraud/chargebacks from my side as well as some better privacy. Let me know if you would still like my discord id to talk further.
Reply
#10
(December 03, 2021 at 06:46 PM)Crazyeights Wrote:
(December 03, 2021 at 03:49 PM)Gearhacks Wrote: if I am the first to buy, can you give me a discount?

So I already had a few people buy actually as for a discount the key is already pretty discounted. Other sellers currently are selling for $100+ and I am giving users a 50% discount of that price as i am just looking to recoop costs which i still need about 5+ sales to even break even with the fees sellrix charges.

(December 03, 2021 at 05:49 PM)xindcoderx Wrote: Hello

Can you please PM me your discord ID? would like to talk to you about this and pay using some alternate method.

Wishes,
Cody


I can PM you my discord ID if you would like to discuss further however the methods listed are the only ways I would be willing to take payment. This is just more safe from fraud/chargebacks from my side as well as some better privacy. Let me know if you would still like my discord id to talk further.


@Crazyeights

Sure, please PM me the discord ID, (this way i can instant message you), I'd like to discuss a bit more, and i can try to send in the payment using litecoin or btc Smile
Reply
#11
I already bought the document but it is directly from burp academy answers, not shown as a real case in a real exam. CryCryCryCry

Cry
Cry
Cry
Reply
#12
It is the actualy exam. The links are where you can find more information if needed. You should look at the document more.
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
SELLING Burp Suite Certified Practitioner Writeups yours_truly 80 9,378 4 hours ago
Last Post: Elenors32
eMAPT-Burp-CRTP-CRTE Currently Exam kmdal22 8 552 6 hours ago
Last Post: kmdal22
SELLING Burp exam writeup (DOCTYPE disallowed included) TickTalk1963 5 459 Yesterday at 08:54 PM
Last Post: awien

 Users browsing this thread: 1 Guest(s)