Welcome to my PortSwigger-Academy-Notes repository! This repository contains my notes and solutions to the challenges in the PortSwigger Academy. These write-ups are meant to serve as a reference for myself and others who are interested in learning about web security. I hope you find them helpful.
The purpose of this repository is to share notes and study materials for the Burp Suite Certified Practitioner Exam (BSCP). These notes are meant to serve as a reference for myself and others who are preparing for the exam. I hope you find them helpful in your studies and best of luck on the exam!
There are three distinct learning paths: Server-Side Topics, Client-Side Topics, and Advanced Topics.
ID | Topic | Apprentice | Practitioner | Expert | Tools |
---|---|---|---|---|---|
Server-side topics | | | | | |
01 | SQL injection | ✔️ 0/2 | ✔️ 0/15 | - | |
02 | Authentication | ✔️ 0/3 | ✔️ 0/9 | ✔️ 0/2 | |
03 | Directory traversal | ✔️ 1/1 | ✔️ 5/5 | - | |
04 | Command injection | ✔️ 0/1 | ✔️ 0/4 | - | |
05 | Business logic vulnerabilities | ✔️ 0/4 | ✔️ 0/7 | - | |
06 | Information disclosure | ✔️ 0/4 | ✔️ 0/1 | - | |
07 | Access control | ✔️ 0/9 | ✔️ 0/4 | - | |
08 | File upload vulnerabilities | ✔️ 0/2 | ✔️ 0/4 | ✖️ 0/1 | |
09 | Server-side request forgery (SSRF) | ✔️ 0/2 | ✔️ 0/3 | ✔️ 0/2 | |
10 | XXE injection | ✔️ 0/2 | ✔️ 0/6 | ✔️ 0/1 | |
Client-side topics | | | | | |
11 | Cross-site scripting (XSS) | ✔️ 9/9 | ✖️ 13/15 | ✖️ 0/6 | |
12 | Cross-site request forgery (CSRF) | ✔️ 1/1 | ✔️ 7/7 | - | |
13 | Cross-origin resource sharing (CORS) | ✔️ 2/2 | ✔️ 1/1 | ✖️ 0/1 | |
14 | Clickjacking | ✔️ 3/3 | ✔️ 2/2 | - | |
15 | DOM-based vulnerabilities | - | ✔️ 5/5 | ✖️ 0/2 | |
16 | WebSockets | ✔️ 1/1 | ✔️ 2/2 | - | |
Advanced topics | | | | | |
17 | Insecure deserialization | ✔️ 1/1 | ✖️ 0/4 | ✖️ 0/3 | |
18 | GraphQL API vulnerabilities | ✔️ 0/1 | ✖️ 5/6 | - | |
19 | Server-side template injection | - | ✖️ 2/5 | ✖️ 0/2 | |
20 | Web cache poisoning | - | ✖️ 0/9 | ✖️ 0/4 | |
21 | HTTP Host header attacks | ✔️ 2/2 | ✖️ 0/4 | ✖️ 0/1 | |
22 | HTTP request smuggling | - | ✖️ 1/15 | ✖️ 0/7 | |
23 | OAuth authentication | ✔️ 1/1 | ✖️ 1/4 | ✖️ 0/1 | |
24 | JWT attacks | ✔️ 2/2 | ✖️ 2/4 | ✖️ 0/2 | |
25 | Client-side prototype pollution | - | ✖️ 0/5 | - | |
26 | Essential skills | - | ✖️ 0/2 | - | |