10010101 101110 11001 001 101 0111 101101 01101

Go PRO and get to the next level!

INCLUDED STUDENT nav arrow icon mobile PRO nav arrow icon mobile ENTERPRISE
Friendly Support check icon check icon check icon
Beginner Friendly check icon check icon check icon
Access to all the PRO Exercises check icon check icon check icon
Access to Videos with Multilingual Subtitles information icon

We offer subtitles in multiple languages:

English, Hindi, Arabic, Spanish, Turkish, French, Chinese and Portuguese
check icon check icon check icon
Certificates of Completion check icon check icon check icon
Per Head Licensing check icon
Enterprise Dashboard check icon
Single Sign-On (using SAML) check icon
Assign Badge or Exercise to Complete to your Users check icon
Mix and Match our Challenges to Create your Own Badge check icon

What we do:

We've been teaching web security for years and have put together many well thought-out exercises to get you from zero to hero. Our exercises cover everything from really basic bugs to advanced vulnerabilities. Not only will we help you learn, but you'll also have fun doing it!

Why train with us:

We have put together a well-thought-through curriculum with challenges that increase in difficulty over time. This curriculum has been designed to get you to learn to solve problems and discover patterns that you would be able to apply to targets when doing pentest, code review and bug bounty. We will teach you how to find and exploit vulnerabilities manually and by creating your own scripts. Not just how to run exploits created by others.

What people are saying:

@PentesterLab is doing some 1337 deals. I bumbled my way through their labs and learnt a lot.

I had fun learning on @PentesterLab for a month and added a new skill in my pocket for my bug bounty journey a tips from @snyff him self. Thank you @vortexau for give me the opportunity..

@PentesterLab has been a valuable resource for me to increasing my web pentesting skills. Its very worth the price ! As a student i really gratefull to have a student subscription in PentesterLab.

Pentesterlab is a fantastic platform to develop a strong foundational technical capability for offensive security web research.

The best set of Exercises I've solved till date!
JWT, CVE's, scripting and a lot of things learnt!
I just completed @Pentesterlab 's Green Badge!!!

Pentesterlab helped me to learn new things about web application security. Their hands-on labs offer real-world scenarios, making learning engaging and effective. Pentesterlab is highly recommended for everyone starting their career in cyber security.

@Pentesterlab taught me a lot about why bad things happen rather than just type this command and pewpew

This one was really something I would enjoy doing over and over again.
Especially the AWS based challenge.
I just completed @Pentesterlab's recon badge!!!

I just completed @Pentesterlab 's Android Badge!!!
Great path , learnt about APK decompiling and AES

I just completed @Pentesterlab 's Essential Badge!!!
I have learnt lot of basic of the Authentication/ Authorization/ Code & Command Execution/ Directory Traversal/ File Include / LDAP /Open Redirect / SQL / SSRF/ SSTI / XML/ XSS much more.

I just completed @Pentesterlab's PCAP badge!!!
Learnt a few new tricks with wireshark thank you

I just completed @Pentesterlab 's Recon Badge!!!
Had so much fun on this one !

I just completed @Pentesterlab 's Recon Badge🎖️!!! totally enjoy all the challenges...😀

Thank You @Pentesterlab for amazing program.

pentesterlab good

Just Now Pentesterlab Pro Expired.Thanks again for the Pentesterlab Sub @codingo_ .It was a truly incredible learning experience with @PentesterLab .The Recon and Android Content badges were my favorites,but I do need to finish the Auth &Orange badges. Slow and Steady Wins the Race

I just completed @PentesterLab 's White Badge!!!
This was all sorts of fun, learnt a new approach to every webapp!!


I just completed @PentesterLab 's White Badge!!! a lot to learn and practice ❤️a Night well spent
Good Night World ./Log0ut

SURELY @PentesterLab .. The platform is superb and is a great way to start learning web app pentesting. Just follow along the exercises. If stuck watch videos. Wealth of knowledge. And all is done within browser. Absolute blast. Highly recommend to subscribe Pro.Enjoy your journey

Pentesterlab was the first platform I used to learn about hacking, when I started trying it on bug bounty. The methodology and exercises are excellent for beginners and advanced students as well.

It was fun time doing this badge . Learnt a lot of new stuff!!!!!!!!!
I just completed @PentesterLab 's Android Badge!!! #cybersecurity #infosec

My best investment in 2020 was buying @Pentesterlab account. I was solving code-execution challenge of Essential Badge which involved code review and I was mind-blown. I would strongly suggest @Pentesterlab
on the off chance that you are novice. U won't regret.😌

Woop Woop! I learnt some new stuff in this section. I just completed @Pentesterlab 's Recon Badge!!!

I just completed @PentesterLab 's Yellow Badge! RCE in several server applications, authentication bypasses and privesc == fun!
Give it a go.

Hacked the largest marketplace in my country!

Using what I learned in Android and Code Review Badges was able to achieve RCE. Then found a clever way to download every user order information.

I reported vulnerabilities to the company, and got offered a job.

I just completed @Pentesterlab 's Unix Badge!!!
Some Tips of the commands I learnt Most of you know it but for those who don't:
Did you know that find command can execute other commands within it
E.G find Folder -name filename -exec [command] {} \;
#bugbountytips #BugBounty

I just completed @Pentesterlab 's Blue Badge! JWT is fun 🤓

What our PRO members say:

I just finished the Intercept Badge. I think it’s one of the best on offer [...] I’m really glad to now have some hands-on experience with a few basic examples. The course material and videos are exactly what I needed to quickly learn and execute on the subject matter.
I consider PentesterLab to be a great resource for learning about web application security and ways how it can be subverted. Even though the exercises usually don’t take much time to complete they can teach a lot. I can’t but recommend it, especially to any aspiring junior penetration testers out there.
I just completed the JSON Web Token exercise and learned so much! As matter of fact, I've learned tons already from just doing the first few exercises. I wish I would have found your site sooner. It's by far the best way to learn web app security!
Chris Green


How often do you add content?
check icon
Our aim is to add new content every week. We are big believers of quality of quantity. We only want to add content if it adds real value to your learning process.
What happens after the 1-year user subscription?
check icon
We just stop your subscription. You can then decide to renew if you like. You can also renew earlier and the subscription will be added to your account.
Can I pay using AMEX?
check icon
Yes, we accept all major credit cards including AMEX, so rack up those points!
How do refunds work?
check icon
We offer a 15-day money-back guarantee. If you're not happy with our content just email us and we will process the refund. The only thing we will ask from you is to provide some feedback to help us improve the platform.
What happens after the 3-month student subscription?
check icon
We stop your subscription. You can then decide to renew if you like. You can also renew earlier and the subscription will be added to your account.
Can I use the student discount more than once?
check icon
Absolutely, as many times as you need!