# PentesterLab

> Learn Web Hacking and Security Code Review through hands-on exercises

PentesterLab is an interactive cybersecurity training platform focused on web application security and secure code review. The platform offers 700+ hands-on exercises covering real-world vulnerabilities, CVEs, and security concepts. Learners progress through structured badge tracks, from beginner fundamentals to advanced exploitation techniques.

## Introduction

- [Homepage](https://pentesterlab.com): Main landing page with platform overview
- [Exercises](https://pentesterlab.com/exercises): Browse all 700+ hands-on security exercises
- [PRO Subscription](https://pentesterlab.com/pro): Access to all exercises, badges, and certificates ($19.99/month or $199.99/year)
- [Bootcamp](https://pentesterlab.com/bootcamp): Structured self-paced program for beginners entering infosec
- [AppSecSchool](https://pentesterlab.com/appsecschool): Free educational videos on YouTube covering security topics
- [Live Training](https://pentesterlab.com/live-training): Instructor-led web security code review training ($950/session)
- [Blog](https://pentesterlab.com/blog): Weekly security research roundups and technical articles

## Full Documentation

- [llms-full.txt](https://pentesterlab.com/llms-full.txt): Comprehensive platform documentation with all exercises, blog posts, glossary terms, and detailed descriptions.

## Sitemaps

- [XML Sitemap](https://pentesterlab.com/sitemap.xml): Contains all public & indexable URLs for this website.

## Badge Tracks (Learning Paths)

PentesterLab organizes exercises into badge tracks that provide structured learning progression:

### Foundational Badges

- **Introduction**: Foundational web security concepts for beginners
- **Unix**: 35 exercises covering Linux/Unix fundamentals essential for security testing
- **Essential**: 60 core web security exercises covering fundamental vulnerabilities
- **HTTP**: 43 exercises on HTTP protocol, headers, and web server behavior
- **PCAP**: 35 network packet analysis exercises using Wireshark and similar tools
- **Recon**: 27 reconnaissance exercises for information gathering techniques

### Vulnerability-Focused Badges

- **White**: Critical vulnerabilities including Shellshock and JWT basics (6 exercises)
- **Yellow**: CVEs and cryptographic attacks (7 exercises)
- **Blue**: JWT and cryptography deep-dive (11 exercises)
- **Green**: Advanced exploitation scenarios (16 exercises)
- **Orange**: Client-side vulnerabilities and CORS attacks (15 exercises)
- **Brown**: Advanced exploitation techniques (26 exercises)
- **Serialize**: Deserialization attack patterns (5 exercises)
- **Intercept**: Man-in-the-middle attack techniques (5 exercises)
- **Auth**: 25 authentication and authorization bypass exercises
- **Android**: 8 mobile application security exercises
- **CTF**: 6 capture-the-flag style challenges
- **Media**: 20 media processing vulnerability exercises
- **Java Deserialization**: 12 Java deserialization vulnerability exercises

### API Security

- **API**: 41 exercises covering REST API vulnerabilities, authentication flaws, and injection attacks

### Code Review Badges

- **Code Review**: 107 exercises on identifying vulnerabilities in source code
- **Java Code Review**: 73 Java-focused security code review exercises
- **Python Code Review**: 20 Python security analysis exercises
- **Golang Code Review**: 44 Go language code review exercises

## Exercise Categories

Exercises cover a wide range of security topics including:

- **SQL Injection**: From basic to advanced injection techniques
- **Cross-Site Scripting (XSS)**: Reflected, stored, and DOM-based XSS
- **Command Execution**: OS command injection and exploitation
- **File Inclusion**: Local and remote file inclusion vulnerabilities
- **Server-Side Template Injection (SSTI)**: Template engine exploitation
- **SSRF**: Server-side request forgery attacks
- **XXE**: XML external entity injection
- **JWT Security**: Algorithm confusion, signature bypass, and token attacks
- **OAuth2**: OAuth flow vulnerabilities and misconfigurations
- **SAML**: SAML authentication bypass techniques
- **Authentication/Authorization**: Session management and access control flaws
- **CVE Exercises**: 500+ real-world CVE reproductions for practical learning

## Notable Blog Posts

### Getting Started & Career

- [A Strategy to Land Your First Pentest Job](https://pentesterlab.com/blog/a-strategy-to-land-your-first-pentest-job): Practical advice for breaking into penetration testing
- [10 Common Mistakes Aspiring/New Pentesters Make](https://pentesterlab.com/blog/10-common-mistakes-aspiring-new-pentesters-make): Avoid common pitfalls when starting your security career
- [Advice for New Pentesters](https://pentesterlab.com/blog/advice-for-new-pentesters): Guidance for those new to penetration testing
- [What to Expect from a Security Internship](https://pentesterlab.com/blog/what-to-expect-security-internship): Insights for security interns
- [Pentester vs. Security Researcher: Skills, Career Paths](https://pentesterlab.com/blog/pentester-vs-security-researcher-career-paths): Compare career paths in security
- [6 Questions to Ask When Interviewing for an AppSec Role](https://pentesterlab.com/blog/6-questions-to-ask-when-interviewing-for-an-appsec-role): Interview preparation tips
- [The Interview](https://pentesterlab.com/blog/the-interview): What to expect in security job interviews
- [Writing a Good Resume](https://pentesterlab.com/blog/writing-a-good-resume): Resume tips for security professionals

### Technical Guides

- [The Ultimate Guide to JWT Vulnerabilities and Attacks](https://pentesterlab.com/blog/jwt-vulnerabilities-attacks-guide): Comprehensive JWT security guide
- [How to Securely Design Your JWT Library](https://pentesterlab.com/blog/secure-jwt-library-design): JWT implementation best practices
- [Algorithm Confusion Attacks Against JWT Using ECDSA](https://pentesterlab.com/blog/exploring-algorithm-confusion-attacks-on-jwt-exploiting-ecdsa): Advanced JWT attack techniques
- [The State of JWT Libraries on JWT.io](https://pentesterlab.com/blog/state-of-jwt-io): Security analysis of popular JWT libraries
- [Introduction to Secure Code Review](https://pentesterlab.com/blog/introduction-to-secure-code-review): Getting started with code review
- [OWASP Top 10: What It Is and How to Really Use It](https://pentesterlab.com/blog/owasp-top-10-for-appsec-pentesters): Practical OWASP Top 10 guide
- [Hacking with Curl](https://pentesterlab.com/blog/tricks-to-hack-with-curl): HTTP testing and exploitation with curl
- [The Power of Scripting in Web Hacking](https://pentesterlab.com/blog/the-power-of-scripting-in-web-hacking): Automation for security testing
- [Encoding Is Not Magic](https://pentesterlab.com/blog/encoding-is-not-magic): Understanding encoding in security contexts

### Code Review Methodology

- [How to Start Reviewing Code?](https://pentesterlab.com/blog/how-to-start-reviewing-code): Beginning your code review journey
- [Scoping a Security Code Review](https://pentesterlab.com/blog/scoping-security-code-review-guide): Planning effective code reviews
- [The Difference Between Good and Bad Code Reviewers](https://pentesterlab.com/blog/difference-good-bad-code-reviewers): What separates effective reviewers
- [Effective Note-Keeping for Web Security Code Reviews](https://pentesterlab.com/blog/effective-note-keeping-web-security-code-reviews): Documentation during reviews
- [Spotting Discrepancies in Security Code Reviews](https://pentesterlab.com/blog/spotting-discrepancies-in-security-code-reviews): Finding subtle vulnerabilities
- [Why Settle for a Bug When You Can Catch a Swarm?](https://pentesterlab.com/blog/code-review-catch-a-swarm-instead-of-a-bug): Finding vulnerability patterns
- [On Pentesting and Code Review Strategies](https://pentesterlab.com/blog/pentesting-code-review-strategies): Strategic approaches to security testing

### Learning & Skill Development

- [Mastering Hacking Through Deliberate Practice](https://pentesterlab.com/blog/mastering-hacking-skills): Structured approach to skill development
- [5 Essential Activities for Aspiring Web Hackers](https://pentesterlab.com/blog/essential-web-hacker-activities): Key activities for learning web security
- [Don't Let Tools Spoil Your Hacking Education](https://pentesterlab.com/blog/dont-let-tools-spoil-your-hacking-education): Manual skills over automation
- [Embrace the Suck!](https://pentesterlab.com/blog/embrace-the-suck): Perseverance in learning security
- [Reading Between the Lines: A Guide to Thoughtful Learning](https://pentesterlab.com/blog/reading-between-the-lines-security-learning): Deep learning strategies
- [Learn Web Pentesting: Invariants and Feedback Loops](https://pentesterlab.com/blog/invariants-feedback-loops-web-pentesting): Mental models for testing
- [Building Blocks](https://pentesterlab.com/blog/building-blocks): Foundational security concepts

### Language-Specific Security

- [6 Easy Bugs to Find in Golang Source Code Reviews](https://pentesterlab.com/blog/6-easy-bugs-golang-source-code-review): Common Go vulnerabilities
- [CORS Vulnerabilities in Go](https://pentesterlab.com/blog/golang-cors-vulnerabilities): Go-specific CORS issues
- [Exploring CORS Vulnerabilities in Rust](https://pentesterlab.com/blog/rust-cors-vulnerabilities): Rust CORS patterns
- [Is PHP Really Getting Better?](https://pentesterlab.com/blog/php-security-is-improving): PHP security evolution
- [What Makes a Language More Secure](https://pentesterlab.com/blog/what-makes-a-language-more-secure): Language security comparisons

### Industry Insights

- [The Certification Trap](https://pentesterlab.com/blog/the-certification-trap): Perspective on security certifications
- [Secure Coding Training Versus Security Code Review Training](https://pentesterlab.com/blog/secure-coding-vs-security-code-review): Training approaches compared
- [Hiring Your First AppSec Engineer](https://pentesterlab.com/blog/hiring-your-first-appsec-engineer): Building security teams
- [How AI-Generated Code Is Changing Secure Code Review](https://pentesterlab.com/blog/secure-code-review-ai-code): AI impact on code review
- [Vulnerabilities Are Cattle, Not Pets](https://pentesterlab.com/blog/vulnerabilities-are-cattle-not-pets): Vulnerability management philosophy

## Content Notes

- **Weekly Updates**: New exercises and blog posts are added regularly
- **PRO Required**: Most exercises require a PRO subscription; some free exercises are available
- **Hands-On Focus**: All exercises involve exploiting real vulnerabilities in controlled environments
- **CVE Coverage**: 500+ CVE exercises covering real-world vulnerabilities from 2014-2025
- **Multi-Language**: Video subtitles available in English, Hindi, Arabic, Spanish, Turkish, French, Chinese, and Portuguese
- **Certificates**: Completion certificates available for badge tracks
- **Money-Back Guarantee**: 15-day refund policy on PRO subscriptions

## Contact

- Website: https://pentesterlab.com
- Private Training: contact@pentesterlab.com
- Twitter/X: @PentesterLab