-icon-white.svg){kind=icon}
Go PRO for Advanced Web Hacking and Security Code Review Training
One subscription. Every lab, every video, every badge.
Choose Your Plan
| Included | Student | PRO | Enterprise |
|---|---|---|---|
| Friendly Support | |||
| Beginner Friendly | |||
| Access to all PRO Exercises | |||
| Videos with Multilingual Subtitles Subtitles in English, Hindi, Arabic, Spanish, Turkish, French, Chinese and Portuguese, plus auto-generated subtitles in seven more languages | |||
| Certificates of Completion | |||
| Per Head Licensing | — | — | |
| Enterprise Dashboard | — | — | |
| Single Sign-On (SAML) | — | — | |
| Assign Badges & Exercises to Users | — | — | |
| Custom Badge Creation | — | — |
What you'll get:
-
Hands-on Labs
700+ exercises covering XSS, SQLi, JWT, SSRF, deserialization and more, all in real environments -
Video Walkthroughs
Detailed explanations of the bug, the exploit, and the fix, with subtitles in 15 languages -
Badge System
Earn badges as proof of skill, from essentials to advanced topics like JWT, Android, and Recon -
Certificates
Proof of completion you can share with employers and on LinkedIn
Why PRO works:
-
Learn the Why
Understand how bugs work at the source code level, not just which tool to run -
Progressive Depth
Structured paths take you from the basics to advanced exploitation, one skill at a time -
Real-World Skills
Apply what you learn directly to web pentests, security code review, and bug bounty work -
New Content Weekly
Fresh exercises keep pace with new vulnerability classes and the latest CVEs
Loved by the community
What our PRO members say:
I just finished the Intercept Badge. I think it's one of the best on offer [...] I'm really glad to now have some hands-on experience with a few basic examples. The course material and videos are exactly what I needed to quickly learn and execute on the subject matter.
I consider PentesterLab to be a great resource for learning about web application security and ways how it can be subverted. Even though the exercises usually don't take much time to complete they can teach a lot. I can't but recommend it, especially to any aspiring junior penetration testers out there.
I just completed the JSON Web Token exercise and learned so much! As matter of fact, I've learned tons already from just doing the first few exercises. I wish I would have found your site sooner. It's by far the best way to learn web app security!
Watch PRO in Action
Frequently Asked Questions
We aim to add new content every week. That said, we care more about depth than volume: new material ships when it meaningfully improves what you can learn, not to hit a publishing quota.
The 1-year subscription simply stops: no automatic renewal, no surprise charge. You can renew whenever you like, and if you renew early the extra time is added to your account. The monthly plan works differently: it renews automatically each month until you cancel.
Yes, we accept all major credit cards including AMEX, so rack up those points!
We offer a 15-day money-back guarantee. If you're not happy, just email us and we will process the refund. All we ask in return is some feedback to help us improve the platform.
Same as the yearly plan: it simply stops, with no automatic renewal. You can renew whenever you like, and if you renew early the extra time is added to your account.
Absolutely, as many times as you need!