What people say

"After reading the book, the online labs were a perfect way to put it all together and see the examples live!"

Brent Morris, Vystar Credit Union

"The most exhaustive set of lessons for demonstrating web hacking to date. The authors are masters in the domain."

Walt Golonka

"This is a very complete training lab environment, excellent workout for all web hackers and wannabees."

Robin Blokker

"If you want to really hone your skills as a security tester, this is the best, and the only, place you need to go."

Ron Engelton

Read more

Our online labs are created by web application penetration testers with more than a decade of experience in testing applications, and training others in how to do it. In our time, we've encountered pretty much every kind of security vulnerability that there is.

Our on-demand labs are extremely comprehensive, with over 300 examples of vulnerabilities that we have found in real-world applications. These go far, far beyond the sample subset of vulnerability types that usually appear in online "hack me" challenges.

Most testers learn their trade on-the-job. While this is a great way to start, your learning is constrained by the vulnerabilities you happen to encounter, as well as limitations of time and scope on individual engagements. If this sounds familiar, you can use our on-demand labs to fill in the gaps in your experience. Our lab exercises can be tackled independently, and are logically organized into topics, allowing you to focus on specific areas where you want to develop your skills. For example, if you want to learn more about authentication vulnerabilities, you can work through our 30 examples, learning how to find and exploit all of the subtle variations that you might come across in the real world.

Web application security is a fast-developing area. New types of vulnerabilities, and techniques for finding and exploiting them, are emerging continously. Whenever something significant appears, we will add new lab exercises to cover it, allowing you to stay current in your knowledge of the latest attacks and techniques.

The second edition of our book, The Web Application Hacker's Handbook, uses these online labs as its practical examples. The book is a perfect resource for reading up on the background of each vulnerability, and then following the links to the relevant labs. Or if you prefer action first, you can work through the online exercises, and then refer back to the book to fill in any gaps in your understanding.

Copyright © 2011 MDSec Ltd. All rights reserved.