PentesterLab is an easy and straight forward resource on how to learn Penetration Testing with Pentesting Lab Exercises. It provides vulnerable systems in a virtual image and accompanying exercises that can be used to test and understand vulnerabilities.
Just decide what course you want to follow, download the course and start learning. You can easily run the course using VMware, no Internet access is required.
PentesterLab – Review
So what do they provide actually?
- Hands-on – The only real way to learn web penetration testing is to get into it
- Real vulnerabilities – These are not simulated theories, the exercises are based on real system flaws
- Offline & Online – The system is available offline for both free and pro (downloadable ISO)
- Enterprise Solution – For whole teams
- Certificates of Completion – The online exercises support certification
- Support – Fast replies
PentesterLab – How To Learn Penetration Testing
- Basics of Web
- Basics of HTTP
- Detection of common web vulnerabilities:
- Cross-Site Scripting
- SQL injections
- Directory traversal
- Command injection
- Code injection
- XML attacks
- LDAP attacks
- File upload
- Basics of fingerprinting
Requirements for PentesterLab
- A computer with a virtualisation software
- A basic understanding of HTTP
- A basic understanding of PHP
- Yes, that’s it!
There is also this to check out if you’re into learning more: eLearnSecurity – Online Penetration Testing Training
You can find all the Free modules here:
Or read more here.