Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum will be discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Centre. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTRE DISCORD

Create new post

BSCP: Examity - Proctoring and other stuff

Giulio | Last updated: Jun 28, 2023 12:53PM UTC

Hi, I will soon start my BSCP exam but I have a few key questions that I would like to clarify before beginning the exam related to how the Examity works and the proctoring environment. Currently, I do not have a Windows environment with Burpsuite and all my tools/extensions where I can take the exam, however, I can quickly spawn a Windows VM. How does the verification work? Can I use the Windows VM to prove my identity, show the room/physical environment and then close to continue the exam on my host? Can you provide me with a little more info about that? Thanks!

nobug | Last updated: Jun 29, 2023 03:01AM UTC

I have similar questions. I run chrome in Windows host but run burp only in WSL kali VM for isolation because of security concerns. Is my workflow applicable for BSCP exam? I have experience participating in the OSCP exam, in which this kind of workflow was applicable. I am from China and thanks to the censorship for the network flow, auto scanning by scanners like nmap or burp to the exam lab VM may get great packet loss, what is too bad condition to take a exam. So I tried rent a VPS geographically close to the exam lab VM to improve the net lag and packet loss. In the exam the Proctor provided a script to detect the env of my system, but only for my host machine, no need for the VMs. And emphasized that my workflow was applicable but not recommended, because if any network problems occuerred in my workflow, they were not able to help with it as they just support for the classic direct-connection workflow. So what are the relevant policies for the BSCP?

Ben, PortSwigger Agent | Last updated: Jun 29, 2023 08:22AM UTC

Hi both, To confirm, the proctoring aspect of the exam is purely used for identification purposes at the start of the exam. After this process has been completed you no longer need to have your camera on etc. The plug-in provided by Examity, who we currently use to provide the proctoring service for the exam, does not support being used in Linux based systems, which is where the restriction on not using Linux machines within the exam comes from. It is also worth noting that there can be issues using a virtual machine to carry out the proctoring aspect as well (Examity can detect the use of virtual machines). Having said the above, we have had users who have successfully completed the exam by running a Windows host, and used this to complete the proctoring part of the exam, before then moving to a Linux virtual machine (which is being hosted on the Windows machine) to actually interact with the two exam applications and carry out the exam itself. Unfortunately, we cannot really advise anything other than using the supported Windows or Mac physical machines to perform the proctoring aspect of the exam as we cannot guarantee that any other approach will not be picked up by Examity and cause you adverse issues during the exam.

Giulio | Last updated: Jun 29, 2023 01:09PM UTC

Thank you, Ben, that was extremely clarifying. I will see If I can perform some sort of "simulation" with Examity to check if everything works fine, otherwise, I will simple set up a working windows host for both the proctoring and the actual exam. Thanks!

z10x | Last updated: Aug 09, 2023 02:47AM UTC

Hi, is it possible to run a dual boot? verify Examity from a Windows host, then move into the Linux host (i have all my enviroment, tools and notes there) to start the exam, or does Examity need to be running the entire exam?

Ben, PortSwigger Agent | Last updated: Aug 09, 2023 08:47AM UTC

Hi, As noted earlier in this thread, the proctoring phase of the exam is only used to verify your identity so you do not need to have this running for the entire exam. As also noted, we have had people using a Windows/Mac host to complete the proctoring phase of the exam before then moving to a Linux virtual machine to actually interact with the exam applications. A dual boot system should mimic this approach but we would always stress that this is carried out at your own risk.

Henri | Last updated: Aug 05, 2024 11:59PM UTC

Hello, I also use a Linux host on my computer. I get that using VM is not recommended and I would like to avoid adding a dual boot on my computer. I don't need windows so I will want to remove it after but I'm not keen on messing with my partition. I've got an old computer which runs on Windows. Is possible to use this one for the protectoring phase, then switch back to my linux computer which holds all my tools ?

Michelle, PortSwigger Agent | Last updated: Aug 06, 2024 12:09PM UTC

Hi We generally recommend using a physical machine for the proctoring as we have had customers report in the past that they have not been able to log in to their Examity account from a virtual machine. You could potentially perform a test logging in to your Examity account from a virtual machine to see if you can log in and see if it allows you to check the tests that would be run as part of the proctoring (e.g. access to camera). You would just need to be prepared that there can sometimes be problems when connecting to Examity like this at the time you take your exam. I hope this helps.

Hope | Last updated: Aug 27, 2024 11:07PM UTC

hello! I don't understand what credits need to be entered during proctoring. I drove credits from the portswigger account, but it turns out that this is wrong

Hope | Last updated: Aug 27, 2024 11:14PM UTC

I mean the credentials))

Ben, PortSwigger Agent | Last updated: Aug 28, 2024 07:50AM UTC

Hi, You are provided with a unique exam password that needs to be entered during the proctoring process - there is a button in the Examity plug-in entitled 'Insert password' you need to click this in order to populate and enter this password and be able to start the exam. To confirm, clicking this button is the only way to obtain this password (it is not the password that you use for your Portswigger user account).

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.