We've been teaching web security for years and have put together many well thought-out exercises to get you from zero to hero. Our exercises cover everything from really basic bugs to advanced vulnerabilities. Not only will we help you learn, but you'll also have fun doing it!
We have put together a well-thought-through curriculum with challenges that increase in difficulty over time. This curriculum has been designed to get you to learn to solve problems and discover patterns that you would be able to apply to targets when doing pentest, code review and bug bounty. We will teach you how to find and exploit vulnerabilities manually and by creating your own scripts. Not just how to run exploits created by others.
I just finished the Intercept Badge. I think it’s one of the best on offer [...] I’m really glad to now have some hands-on experience with a few basic examples. The course material and videos are exactly what I needed to quickly learn and execute on the subject matter.
I consider PentesterLab to be a great resource for learning about web application security and ways how it can be subverted. Even though the exercises usually don’t take much time to complete they can teach a lot. I can’t but recommend it, especially to any aspiring junior penetration testers out there.
I just completed the JSON Web Token exercise and learned so much! As matter of fact, I've learned tons already from just doing the first few exercises. I wish I would have found your site sooner. It's by far the best way to learn web app security!