Burp Suite
Proxy, Repeater, Intruder, Scanner, extensions, sessions, authentication testing.
Before starting, we run a 1-minute tech check β microphone, ambient noise, connection. If your setup isn't good enough, the test is fully refunded.
Proxy, Repeater, Intruder, Scanner, extensions, sessions, authentication testing.
Before starting, we run a 1-minute tech check β microphone, ambient noise, connection. If your setup isn't good enough, the test is fully refunded.
Prove you actually know Burp Suite -- Proxy, Intruder, Scanner, BApp extensions and session handling -- with a 15-minute AI oral exam that goes way deeper than any multiple-choice cert.
The Plume Burp Suite badge certifies your hands-on mastery of PortSwigger Burp Suite Professional through a 15-minute live oral exam with an AI examiner. The conversation covers real operational scenarios: setting up the Proxy with Match and Replace rules, picking the right Intruder mode (Sniper, Pitchfork, Cluster Bomb) for a specific attack, configuring macros and Session Handling Rules to keep an authenticated scan alive when tokens expire every 30 seconds, exploiting extensions like Autorize, Turbo Intruder, JWT Editor and Logger++, and integrating Burp into a CI/CD pipeline via the Burp Enterprise REST API. You'll also be asked when you'd leave Burp behind -- gRPC testing, heavy certificate pinning, complex WebSocket flows -- because knowing the tool's limits is part of mastering it.
What makes this badge credible is that it cannot be faked by reading documentation. The AI examiner (OpenAI Realtime) digs into specifics that only someone with real pentest experience knows: how you handle a JWT with a short expiry during a scan, how DOM Invader changed your DOM XSS hunting, why you picked Turbo Intruder instead of native Intruder for a particular race condition. A second AI (Claude Opus) reads the full transcript and produces a 0-100 score with a certified proficiency level, a detailed per-dimension breakdown, and a shareable badge URL -- all delivered within 24 hours.
This badge is for web pentesters, bug bounty hunters, AppSec engineers, and security freelancers who want a verifiable proof of their Burp Suite skill level. Whether you're applying for a Red Team role, pitching a penetration testing contract, or leveling up your bug bounty profile, the Burp Suite badge gives recruiters and clients something concrete to evaluate -- not just your word for it.
Here are the concrete dimensions the AI examines during the 15-minute oral.
Precise configuration of the Burp Proxy including CA certificate setup, Match and Replace rules, scope filtering, and Proxy history filters for efficient session analysis during a web pentest.
Choosing between Sniper, Battering Ram, Pitchfork and Cluster Bomb for the right attack scenario, building payload sets, managing request throttling, and working around rate-limiting and lockout protections.
Configuring active and passive scan policies, scoping crawls correctly, triaging scanner output to separate real issues from false positives, and generating client-ready reports from Burp findings.
Building macros for automatic re-authentication, writing Session Handling Rules that keep scans alive against apps with short-lived JWTs or rotating CSRF tokens, and validating session state across requests.
Contextual use of Logger++, Autorize, Turbo Intruder, JWT Editor, Param Miner, InQL and others. Understanding when each extension adds real value over native Burp, and optionally writing custom extensions in Java or Jython.
Testing JWT vulnerabilities (alg:none, RS256 to HS256 key confusion), SSO/SAML weaknesses, MFA bypass techniques and OAuth flow manipulation, using Burp's native tools and dedicated extensions.
Running automated scans via the Burp Enterprise REST API, integrating Burp into DevSecOps pipelines, and knowing when to reach for ZAP, Nuclei, Caido or custom scripts instead of Burp.
Working knowledge of DOM Invader for DOM XSS and prototype pollution hunting, Bambdas for custom Java-based Proxy history filtering, and a well-reasoned view on how Burp compares to emerging alternatives.
Final scoring is performed by Claude (Anthropic), which reads back the full transcript and applies this weighted criteria grid.
Ability to explain the inner workings of Burp's core modules (Proxy, Repeater, Intruder, Scanner, Collaborator) with precision, including advanced options and how they interact in a real pentest workflow.
Are the scenarios described credible, specific and operationally detailed? The examiner assesses whether examples reflect genuine engagement experience rather than lab exercises or documentation paraphrasing.
Demonstrated mastery of macros, Session Handling Rules and complex authentication flows (JWT, MFA, SSO). Can the candidate explain exactly how they keep an authenticated scan running against a well-defended app?
Practical knowledge of the BApp Store and the ability to justify extension choices over native Burp capabilities. Bonus credit for candidates who have written or modified a Burp extension for a specific engagement need.
Ability to identify where Burp Suite falls short (gRPC, mobile certificate pinning, exotic WebSocket protocols) and to argue for specific alternatives with solid technical reasoning.
A Plume session takes about 20 minutes, from tech check to badge delivery.
Mic level, connection quality and audio clarity are confirmed. The AI briefly explains the format: 15 minutes, no slides, just a spoken conversation about your real Burp Suite experience. No surprises.
You introduce yourself and describe your most recent or most technically complex Burp Suite engagement: the type of target (web app, API, hybrid), your role in the team, and the scope of what you tested.
The AI digs into your specifics: session macros you've built, which Intruder mode you chose and why, which BApp extensions you reached for, how you handled JWT expiry during a scan, whether you've used Bambdas or DOM Invader. It adapts to your answers and follows up on anything vague or overclaimed.
You're asked about Burp's blind spots, the tools you use when Burp isn't the right fit, and how recent evolutions like DOM Invader, Bambdas, or the rise of Caido have shaped your day-to-day practice.
Claude Opus analyses your transcript and produces a 0-100 score, a certified proficiency level (Novice / Proficient / Advanced / Expert), a detailed report by dimension, and a shareable badge URL. You get everything by email.
Your score out of 100 translates into a level a recruiter can grasp at a glance.
You've discovered Burp Suite through labs like PortSwigger Web Academy or TryHackMe. You can intercept traffic, modify requests in Repeater, and run a basic passive scan. You haven't used Burp on real-world engagements yet and the advanced session and automation features are largely unfamiliar.
You use Burp regularly on bug bounty programs or freelance engagements. You're comfortable with multiple Intruder modes, scope configuration, a handful of BApp extensions, and producing basic scan reports. Complex macros, Session Handling Rules and advanced auth testing still trip you up occasionally.
You run full authenticated scans with macros and Session Handling Rules, use Turbo Intruder for race conditions and high-speed fuzzing, leverage JWT Editor and Autorize for access control testing, and know when to switch to a different tool. You integrate Burp into client deliverables and team workflows.
You have deep command of the entire Burp Suite Professional and Enterprise ecosystem: Bambdas, DOM Invader, REST API, custom extension development. You train junior pentesters, define your team's audit processes, and can give a nuanced, well-argued comparison of Burp against Caido, ZAP or bespoke tooling.
No degree or years of experience required to take the badge. Here are the profiles it makes the most sense for.
Burp Suite is your daily driver. The badge gives clients and employers a verifiable proof of your operational depth -- not just a self-declared LinkedIn skill or a certification that doesn't test the tool directly.
An Advanced or Expert Burp Suite badge strengthens your HackerOne or Bugcrowd profile and helps you get accepted into private programs that need hunters who can prove their tooling competency before being given access.
You use Burp to audit your own apps and integrate scanning into CI/CD. The badge proves you go beyond basic proxy use and can interpret scanner output at a level that drives real remediation decisions.
Pairing your OSCP or degree with a Burp Suite Proficient or Advanced badge shows hiring managers you have hands-on tool mastery -- not just exam knowledge -- and that you're ready to contribute from day one.
A verified badge on your LinkedIn or portfolio page sets you apart from self-declared consultants and gives enterprise clients a concrete reason to trust your rate card before seeing a single pentest report.
Where and how your Burp Suite badge will help you day to day.
You're applying for a Red Team consultant role at a security firm. The hiring manager receives your Burp Suite Advanced badge with the detailed AI report -- they know exactly where you're strong and where you still have room to grow, without running a 3-hour internal tech test.
You add your badge URL to your LinkedIn profile. A CISO looking for a web pentester clicks through, sees your 81/100 Advanced score and the per-dimension breakdown, and reaches out directly -- skipping the basic screening questions entirely.
You submit your Burp Suite Expert badge with your application to a private HackerOne program. The platform or the client can see objective evidence of your tooling competency, increasing your chances of selection over hundreds of other applicants.
A security team lead wants to assess the Burp Suite skill level of three analysts before assigning them to web pentest work. Plume badges give an objective, comparable snapshot of each person's capabilities without running an internal exam.
You're a backend developer moving into application security. Passing the Burp Suite Proficient badge proves to your next employer that you already have meaningful hands-on tool experience, even without a formal security job title on your CV yet.
Your consulting firm is bidding on a recurring penetration testing contract. Including your consultants' Burp Suite badges in the technical proposal adds immediate credibility on team tooling skills -- something OSCP or CEH certificates don't specifically demonstrate.
A few minutes to check you have everything you need.
At the end of your session you don't just get a score β here's everything that awaits you.
You get a precise numeric score and an official proficiency level (Novice, Proficient, Advanced, Expert) based on AI analysis of your actual Burp Suite mastery -- covering Proxy, Intruder, Scanner, sessions and extensions.
A structured report breaks down your strengths and growth areas across every evaluated dimension: session handling, BApp extension usage, Intruder technique, critical thinking. Useful for your next engagement prep or interview.
Your 15-minute oral is securely stored and accessible only to you. Replay it to catch where you hesitated on specific Burp features and sharpen those areas before retaking the badge or heading into a client interview.
A public, verifiable page shows your Burp Suite badge with your score and level. Drop it on LinkedIn, your CV, your portfolio or a proposal document. Anyone who clicks sees real evidence -- not just a checkbox.
Discover related skills you can validate with Plume.
A 15-min oral exam with an AI, a shareable badge for your recruiters.
Choose this badge Β· β¬19.99