PentesterLab Review – How To Learn Penetration Testing


PentesterLab is an easy and straight forward resource on how to learn Penetration Testing with Pentesting Lab Exercises. It provides vulnerable systems in a virtual image and accompanying exercises that can be used to test and understand vulnerabilities.

PentesterLab Review - How To Learn Penetration Testing


Just decide what course you want to follow, download the course and start learning. You can easily run the course using VMware, no Internet access is required.

PentesterLab – Review

So what do they provide actually?

  • Hands-on – The only real way to learn web penetration testing is to get into it
  • Real vulnerabilities – These are not simulated theories, the exercises are based on real system flaws
  • Offline & Online – The system is available offline for both free and pro (downloadable ISO)
  • Enterprise Solution – For whole teams
  • Certificates of Completion – The online exercises support certification
  • Support – Fast replies

PentesterLab – How To Learn Penetration Testing

  • Basics of Web
  • Basics of HTTP
  • Detection of common web vulnerabilities:
    • Cross-Site Scripting
    • SQL injections
    • Directory traversal
    • Command injection
    • Code injection
    • XML attacks
    • LDAP attacks
    • File upload
  • Basics of fingerprinting

Requirements for PentesterLab

  • A computer with a virtualisation software
  • A basic understanding of HTTP
  • A basic understanding of PHP
  • Yes, that’s it!

There is also this to check out if you’re into learning more: eLearnSecurity – Online Penetration Testing Training

You can find all the Free modules here:

PentesterLab – Our Exercises – Only Free

Or read more here.

Posted in: Hacker Culture

, , ,


Latest Posts:


dSploit APK Download - Hacking & Security Toolkit For Android dSploit APK Download – Hacking & Security Toolkit For Android
dSploit APK Download is a Hacking & Security Toolkit For Android which can conduct network analysis and penetration testing activities.
Scallion - GPU Based Onion Hash Generator Scallion – GPU Based Onion Hash Generator
Scallion is a GPU-driven Onion Hash Generator written in C#, it lets you create vanity GPG keys and .onion addresses (for Tor's hidden services).
WiFi-Dumper - Dump WiFi Profiles and Cleartext Passwords WiFi-Dumper – Dump WiFi Profiles and Cleartext Passwords
WiFi-Dumper is an open-source Python-based tool to dump WiFi profiles and cleartext passwords of the connected access points on a Windows machine.
truffleHog - Search Git for High Entropy Strings with Commit History truffleHog – Search Git for High Entropy Strings with Commit History
truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
AIEngine - AI-driven Network Intrusion Detection System AIEngine – AI-driven Network Intrusion Detection System
AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with many capabilities.
Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.


3 Responses to PentesterLab Review – How To Learn Penetration Testing

  1. Night Lion Security May 21, 2013 at 1:59 pm #

    This is great, thanks. We will include this in our blog and link back to you. This is incredibly helpful, especially for new hires.

  2. Abhishek June 7, 2013 at 1:13 pm #

    It ask for the password after installing in VM ware, wjats the password. ?

  3. Edmund June 19, 2013 at 5:36 pm #

    I want to learn hacker. I have always dreamt of been a good. But one teaches hacking. I wish there was a school for hacking