We make learning Web Hacking easier!

We have been teaching web security for years and put together well thought-out exercises to get you from zero to hero. Our exercises cover everything from really basic bugs to advanced vulnerabilities. You will have fun and we will help you in your learning!

PentesterLab for one year

Get full access to PentesterLab PRO for a year
and pay $199.99 instead of $239.88! That's 2 months for free!

Stay Sharp with our Private Exercises!

Get access to private exercises! There are currently 486 private exercises available through PentesterLab PRO!

And we are publishing at least one new exercise every month!

Learn Online!

Want a quick access to the labs, work online!! We have setup our key exercises as online labs!

Learn by watching!

Follow our step-by-step videos on how to exploit the vulnerabilities covered in each exercises. Learn some tips and tricks!! Already, 581 videos available (around 1 day, 16 hours, and 21 minutes) covering our best exercises.

Still not sure?

Check this in-depth review:
"After completing my fourth badge on PentesterLab, I have enjoyed it so much that I thought I would pass on the word on what a great learning resource it is. If I had to summarise it in one sentence, I would say an extremely well written educational site about web application pentesting that caters to all skill levels and makes it easy to learn at an incredibly affordable price"

or this one from @johntroony:
"I can’t find better web-hacking labs for such a price!"

Get some awesome stickers

When you join PentesterLab PRO, you can give us your address and we will send you some awesome stickers:

Pay by credit card:

Buy now

or use Paypal:

Buy now

or use BitCoin

Certificates of completion

23 different certificates are already available, including the Unix Badge (35 exercises), the Essential Badge (60 exercises), the Intercept Badge (5 exercises) and the Serialize Badge (5 exercises) .

And we are currently rolling out the Orange Badge, the Android Badge and the PCAP badge!

... I just completed the JSON Web Token exercise and learned so much! As matter of fact, I've learned tons already from just doing the first few exercises. I wish I would have found your site sooner. It's by far the best way to learn web app security!

Chris Green Security Analyst

The exercises and course content provided by PentesterLab has allowed for me to continually excel in bug bounties and penetration testing in my career by ensuring that I am well aware of the techniques, methods and attack vectors that any good pentester should know. As PentesterLab Pro does not require you to set up VMs, more time has been spent on learning and applying rather than simply setting up labs or vulnerable VMs. The return received from subscribing to PentesterLab has been far greater than the little investment that I have put in.

Shubham Shah (@infosec_au) Senior Security Analyst

Any questions?
Check out our FAQ or email us.

Pentesterlab is a great way to practice testing skills and learn new attacks. For the time poor, the new online exercises allow you to have an exercise ready at a moment's notice. Many of the more difficult exercises really make you stop and think deeply about the vulnerability and how to approach exploiting it. I've especially been enjoying the new Serialization exercises.

. Senior Security Consultant and Ethical Hacker.

I consider PentesterLab to be a great resource for learning about web application security and ways how it can be subverted. Even though the exercises usually don’t take much time to complete they can teach a lot. I can’t but recommend it, especially to any aspiring junior penetration testers out there.

Jan Kopriva Jan Kopriva CSIRT Team Leader

Completed the @PentesterLab White badge and Intercept badges. Was a lot of fun... highly recommended. Can't beat the price either!

Cooper Forensic and Threat Intelligence Advisor

Payments are processed using Stripe. Your credit card number does not even go through our server. You can learn more about their security here.