Alternatives to PentesterLab
Compare PentesterLab alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to PentesterLab in 2026. Compare features, ratings, user reviews, pricing, and more from PentesterLab competitors and alternatives in order to make an informed decision for your business.
-
1
myACI
ACI Learning
ACI Learning delivers hands-on IT and cybersecurity training built for modern teams. Expert-led videos, interactive labs, and certification prep for today’s top credentials turn knowledge into real-world skill. Whether you’re training a team or advancing your career, myACI makes it easy to learn, track progress, and see results that matter. This is online training with labs—not passive learning. From compliance and cloud to security and systems, ACI Learning helps professionals build confidence and capability. myACI offers role-based learning paths, video+lab combos, practice exams, and progress tracking. Managers get dashboards, credential tracking, and analytics that tie training to outcomes—with enterprise tools like SSO, LMS/LTI integration, SCORM support, and audit-ready reporting. -
2
CBT Nuggets
CBT Nuggets
Learning IT doesn’t have to mean boring lectures, the frantic pace of bootcamps, or lots of time away from your job or family. With CBT Nuggets, you can train anytime, anywhere, at your own pace — all from the comfort of your office chair or living room couch. Our training team is made up of industry experts who truly enjoy teaching people IT. Their training is informative, relevant, and engaging — and because most videos are 10 minutes or less, it’s easier to retain information. Choose from a training library of thousands of videos on in-demand technologies from widely used and respected vendors such as Microsoft, Cisco, CompTIA, AWS, Fortinet, and more. Earn a certification. Keep your skills up to date. Learn a new technology. Have an on-the-job resource. With accountability coaches, practice exams, and virtual labs at your fingertips, CBT Nuggets is proud to have helped thousands of professionals achieve their career goals over the last two decades. -
3
Astra Pentest
Astra Security
Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also conducts all tests required to comply with ISO 27001, HIPAA, SOC2, and GDPR. Astra offers an interactive pentest dashboard that the user can use to visualize vulnerability analyses, assign vulnerabilities to team members, and collaborate with security experts. And if the users don’t want to get back to the dashboard every time they want to use the scanner or assign a vulnerability to a team member, they can simply use the integrations with CI/CD platforms, Slack, and Jira. -
4
INE
INE
INE is a comprehensive training solution designed to empower organizations with the skills necessary to navigate the complexities of IT and cybersecurity. With over 20 years of experience serving Fortune 500 companies, INE offers a robust suite of on-demand courses, live virtual training sessions, and immersive labs that provide hands-on practical experience. This approach ensures that teams are not only prepared for examinations but also equipped to tackle real-world challenges with confidence. Targeted towards professional and enterprise teams, INE's offerings cater to a diverse audience that includes IT professionals, cybersecurity experts, and organizations seeking to enhance their workforce capabilities.Starting Price: $69 per month -
5
GlitchSecure
GlitchSecure
Continuous Security Testing for SaaS Companies - Built by Hackers Automatically assess your security posture with continuous vulnerability assessments and on-demand pentests. Hackers don't stop testing, and neither should you. We use a hybrid approach that combines testing methodologies built by expert hackers, a real-time reporting dashboard, and continuous delivery of high-quality results. We improve the traditional pentesting lifecycle by continually providing expert advice, remediation verification, and automated security testing throughout the entire year. Our dedicated team of experts works with you to properly scope and review your applications, APIs, and networks to ensure in-depth testing coverage all year. Let us help you sleep better at night.Starting Price: $6,600 per year -
6
PortSwigger Web Security Academy
PortSwigger
The Web Security Academy is a strong step toward a career in cybersecurity. Learn anywhere, anytime, with free interactive labs and progress-tracking. Produced by a world-class team - led by the author of The Web Application Hacker's Handbook. The Web Security Academy is a free online training center for web application security. It includes content from PortSwigger's in-house research team, experienced academics, and our founder Dafydd Stuttard. Unlike a textbook, the Academy is constantly updated. It also includes interactive labs where you can put what you learn to the test. If you want to improve your knowledge of hacking, or you'd like to become a bug bounty hunter or pentester, you're in the right place. The Web Security Academy exists to help anyone who wants to learn about web security in a safe and legal manner. You can access everything (for free) and track your progress by creating an account. -
7
Virtual Hacking Labs
Virtual Hacking Labs
Purchase an access plan and get access within 24 hours. Download the courseware and a preconfigured pentesting machine. Study the courseware carefully and get ready to enter the labs to hack your way into 45+ lab machines. Write your report and earn the 2 available VHL certificates of completion (basic & advanced+). Al VHL memberships include access to all aspects of our penetration testing course. This includes access to the courseware, online penetration testing lab, a personal reset panel and the lab dashboard that can be used for hints and progress tracking. The Virtual Hacking Labs are for beginners and experts who want to learn and practice penetration testing in an easy accessible virtual lab environment. For anyone that is new to the subject of penetration testing we provide a tailored courseware manual that covers all subjects from the basics to help you with your first steps towards becoming a penetration tester.Starting Price: €93 per month -
8
EzoTech Tanuki
EzoTech
EzoTech offers Tanuki, the world’s first autonomous penetration testing platform, delivering a NIST-compliant test at the click of a button. The SaaS-based solution uses patented technology to conduct advanced pentests from anywhere in the world, providing unmatched insight into your security posture. With its on-demand approach, organizations can continuously identify vulnerabilities and improve defenses without the need for lengthy manual engagements. Powered by AI and machine learning, Tanuki transforms penetration testing into an automated, scalable process. Trusted by Fortune 500 companies, startups, and global cybersecurity experts, it ensures precision and consistency in every test. This revolutionary approach allows companies to have the equivalent of the largest team of ethical hackers available instantly. -
9
Skill Dive
INE
INE’s Skill Dive platform offers immersive, hands-on labs designed to prepare learners for real-world cybersecurity, networking, and cloud scenarios. It provides a risk-free environment where users can practice technical skills on virtual machines, bridging the gap between theoretical training and practical expertise. Skill Dive includes extensive lab collections ranging from novice to professional levels, covering topics like pentesting, cloud security, car hacking, and secure coding. The platform is ideal for learners seeking to solidify their knowledge through practical experience using up-to-date tools and techniques. With hundreds of labs tailored to career goals, users can build proficiency in a structured, real-world context. Skill Dive also integrates updated content from the former Pentester Academy, delivering a comprehensive learning experience.Starting Price: $69 per month -
10
XtremeLabs
XtremeLabs
Instead of a model that focuses on repeating and retaining content, today’s learners are in desperate need of a skill-centric model that offers data-driven, experiential learning. Xtremelabs offers that model. We’ve created labs for a vast array of technology topics that allow users to practice what they learn within interactive lab environments. These labs replicate actual IT environments, including complex configurations, and prepare learners for the challenges and scenarios they will face on the job. Our backend analytics allow for the optimization of individual learning paths. If a learner is struggling with one aspect of a topic, our labs can direct them to the optimal exercise or video. Learners can repeat exercises as many times as they’d like. Xtremelabs is also designed to be the industry’s most deeply-integrated learning lab solution. Our open API integration across technologies, learning platforms, and content providers positions us at every point in the learner value chain. -
11
Azure DevOps Labs
Microsoft
Azure DevOps Labs is a free, community-driven collection of self-paced, hands-on tutorials designed to teach every aspect of the Azure DevOps toolchain and related DevOps practices. From configuring Agile planning with Azure Boards and version control in Azure Repos to defining build and release pipelines as code with YAML, enabling CI/CD in Azure Pipelines, managing packages in Azure Artifacts, and orchestrating tests with Azure Test Plans, each lab provides step-by-step exercises and sample code repositories. You can spin up ready-made projects using the Azure DevOps Demo Generator, explore end-to-end scenarios like deploying Docker-based web applications, integrating Terraform for infrastructure-as-code, scanning for security vulnerabilities, monitoring performance with Application Insights, and automating database changes with Redgate. Prerequisites include an Azure DevOps organization and an Azure subscription, but no prior experience is required. -
12
TryHackMe
TryHackMe
Learning cyber security on TryHackMe is fun and addictive. Earn points by answering questions, taking on challenges and maintain your hacking streak through short lessons. Learn by following a structured paths and reinforce your skills in a real-world environment by completing guided, objective-based tasks and challenges. TryHackMe goes way beyond textbooks and focuses on fun interactive lessons that make you put theory into practice. You'll get an immersive learning experience with network simulations, intentionally vulnerable technology based on real world examples and more. New to security? No problem! We have learning paths that will teach you the fundamental cyber security skills, which will help set you up to land a job in cyber security. We give you all the tools you need to start learning. Access a machine with the security tools you'll need through the browser, and starting learning from anywhere at any time. All you need is an internet connection! -
13
YesWeHack
YesWeHack
YesWeHack is a leading Bug Bounty and Vulnerability Management Platform. Founded by ethical hackers in 2015, YesWeHack connects organisations worldwide to tens of thousands of ethical hackers, who uncover vulnerabilities in websites, mobile apps, connected devices and digital infrastructure. The YesWeHack platform offers a range of integrated, API-based solutions: Bug Bounty (crowdsourcing vulnerability discovery); Vulnerability Disclosure Policy (creating and managing a secure channel for external vulnerability reporting); Pentest Management (managing pentest reports from all sources); Attack Surface Management (continuously mapping online exposure and detecting attack vectors); and ‘Dojo’ and YesWeHackEDU (ethical hacking training). YesWeHack's services have ISO 27001 and ISO 27017 certifications, and its IT infrastructure is hosted by EU-based IaaS providers, compliant with the most stringent standards: ISO 27001 (+ 27017, 27018 & 27701), CSA STAR, SOC I/II Type 2 and PCI DSS. -
14
PurpleLeaf
PurpleLeaf
PurpleLeaf is a better penetration test that covers your organization continuously. Purpleleaf is a platform powered by passionate, research-focused, penetration testers. We scope the size and complexity of your application or infrastructure. We provide a quote for the testing (just as you would a traditional annual pentest). Within 1 – 2 weeks your pentest report will be available. Periodic testing continues throughout the year and will receive monthly reports as well as notifications for new vulnerabilities, assets, and applications discovered. A traditional pentest can leave you vulnerable for 11 months of the year. Our testing is performed throughout the year. PurpleLeaf allows for even a small number of hours to provide coverage for longer periods of time. With our model, you only pay for what you need. Most pentest reports fail to show what your attack surface really looks like. In addition to showing vulnerabilities, we visualize applications, show dangerous services, etc. -
15
MindMajix
MindMajix
We have got world-class technologies to create career-changing opportunities. Schedule your sessions at your comfortable timings. Instructor led training with practical lab sessions. Real time projects and certification guidance. Customized learning methodologies scaled to your corporate needs. Instructor led virtual training mode with real time projects. Learn as per full day schedule with discussions, exercises and practical use cases. Every technology syllabus is tailored to meet current industry requirements. We believe in providing the best technology training loaded with essential features to deliver outstanding learning experience. Explore how technologies interacts with the real world using industrial use-cases. Along with course completion certificate, we assure you with official certificate guidance. Understand how the industry and practically oriented courses at Mindmajix transform your career. -
16
RangeForce
RangeForce
Build cyber resilience through RangeForce hands-on training and team exercises. Train in emulated, realistic environments featuring real IT infrastructure, real security tools, and real threats. Cut cost over traditional cyber training programs and complex on-premise cyber ranges. Our solutions offer team-based training for a variety of experience levels. Choose from hundreds of interactive modules to understand critical security concepts and see the most important security tools in action. Prepare your team to defend against complicated threats with realistic threat exercises. Train in customizable, virtual environments that emulate your own security stack. -
17
Dhound
IDS Global
Your business is linked to critical infrastructure or sensitive data, and you understand the cost of a vulnerability that an attacker can find. You work under security regulations stated by the law to take certain security measures (i.e. SOC2, HIPAA, PCI DSS, etc.) and are required to conduct pentests by a third-party company. Your clients claim partnership only with reliable and secure solutions, and you keep your promises, guaranteeing your system security with the results of penetration testing. Pen test is an imitation of a real hacking attack but performed by security knights who fight for your web security with noble intentions. We conduct Penetration testing (also known as pen test or ethical hacking) so you can breathe out and be confident your system in safe hands. Unlike vulnerability assessment, ethical hacking at Dhound not just seeks vulnerabilities. It would be too easy for us. To stay ahead of adversaries, we apply hackers’ mindset and techniques but no worry!Starting Price: $30 per month -
18
OnSecurity
OnSecurity
OnSecurity is a leading CREST-accredited penetration testing vendor based in the UK, dedicated to delivering high-impact, high-intelligence penetration testing services to businesses of all sizes. By simplifying the management and delivery of pentesting, we make it easier for organisations to enhance their security posture and mitigate risks, contributing to a safer, more secure digital environment for everyone. Make use of real-time reporting and immediate validation on fixes with FREE retesting. Streamline and reduce your admin overhead by integrating with existing workflows and demonstrate clear ROI. Pentesting, Vulnerability Scanning and Threat Intelligence all in one platform.Starting Price: $9.30 per month -
19
Hack The Box
Hack The Box
Hack The Box is the Cyber Performance Center with the mission to provide a human-first platform to create and maintain high-performing cybersecurity individuals and organizations. Hack The Box is the only platform that unites upskilling, workforce development, and the human focus in the cybersecurity industry, and it’s trusted by organizations worldwide for driving their teams to peak performance. Offering an all-in-one environment for continuous growth, assessment, and recruitment, Hack The Box provides solutions for all cybersecurity domains. Launched in 2017, Hack The Box brings together the largest global cybersecurity community of more than 3 million platform members. Rapidly growing its international footprint and reach, Hack The Box is headquartered in the UK, with additional offices in the US, Australia, and Greece. -
20
Codebay
Codebay
Engage in bite-sized interactive lessons, like a personal tutor in your pocket. With every new piece of knowledge you acquire, there's a custom-made coding exercise waiting for you. Your coding journey is a canvas. With every lesson and line of code, paint your path to proficiency. Watch as it comes alive with colors of your determination and achievements. With every lesson, you will collect flashcards like earning trophies in a game. Let each one be a testament to your growing knowledge. With Codebay, you can code on your smartphone wherever you are. Learning has never been this flexible and accessible. Codebay emphasizes practical coding exercises, so you can apply what you've learned and build confidence. Collect and review key concepts to ensure they stick with you as you progress.Starting Price: Free -
21
Reconmap
Netfoe
Take your pentesting projects to the next level with a collaboration tool that streamline your entire process. Reconmap is a powerful, browser-based collaboration platform for penetration testing that helps infosec teams through the use of automation and reporting. Generate complete pentest reports with Reconmap's templates; save time and effort. Command automators allow you to execute multiple commands with any or little manual intervention. Automatically generate a report with the command findings. Analyze data on pentests, vulnerabilities, and projects to make informed decisions on their management. Find out how much time is spent on different tasks with our dashboard.Starting Price: £39 -
22
Codelinkster
Codelinkster
Tutorials on over different programming languages. No boring lectures and big bookish notes with just online live code runner we make learning simpler. Solve Hands On Exercises and earn a place on leaderboard. Be the top coder after you have learnt a language. Upload your projects and contribute to open source.Share your projects to your friends and more. Run, test and execute your code live on the browser itself on your favourite language. The lone purpose of creating codelinkster was to build a platform for users where they could learn programming, solve exercises online, share their ideas, contribute to opensource and much more. I believe bringing programming to almost anyone could help them turn their imagination or ideas they had into reality. At least every school must teach their kids how to program a computer and that's what codelinkster solves. We have free courses on different technologies that are geared with online web consoles and run the code online. -
23
RedSentry
RedSentry
The quickest, most affordable penetration testing and vulnerability management solutions to help you get compliant and keep all of your assets secure, year around. Our pentest report format is easy to understand and will give you all the information you need to secure your environment. We’ll provide a customized plan of action to help you combat any vulnerabilities, prioritize based on severity, and improve your security posture. Our pentest report format is easy to understand and will give you all the information you need to secure your environment. We’ll provide a customized plan of action to help you combat any vulnerabilities, prioritize based on severity, and improve your security posture. -
24
Codédex
Codédex
Codédex is an online, interactive coding-learning platform that uses a gamified, adventure-style format to teach real programming languages and skills. Learners travel through “fantasy lands” corresponding to languages such as Python, HTML/CSS, JavaScript, React, and command-line tools (Git, GitHub), proceeding at their own pace while earning experience points, badges, and unlocking new regions as they progress. It combines bite-sized interactive lessons, an in-browser code editor for instant practice, and project-based tutorials to give users hands-on experience rather than just theory. With more than 200 hours of content, Codédex supports beginners with no prior coding experience and gradually builds up to more advanced topics, reinforcing learning through code challenges, exercises, and real-world projects. It fosters a supportive community through forums and events like monthly challenges and hackathons, helping motivate learners and provide peer support.Starting Price: $80 per month -
25
Next U
Next U
Access 24 hours a day so you can learn at your own pace and in Spanish. Private support from online tutors and video chat 'Tutor Café' to discuss topics in a group. Online courses developed by industry leaders. Hundreds of hours of real exercises with which you can create or enrich your portfolio. Certificates with international applications and validity on LinkedIn. Without schedules or previous knowledge, you learn at your own pace from the place you choose and in Spanish. Carry out your practices from a computer with internet access. Your tablet or mobile is a perfect instrument to also advance in theory. All the material you need, including instructional videos, support from digital technology experts through the 'Tutor Café' and private tutorials, are available on the online learning platform that you can access 24 hours a day. -
26
ThriveDX
ThriveDX
ThriveDX, the world’s premier EdTech provider, champions digital transformation training as a means of empowering individuals to thrive in the age of digital disruption. As advocates of lifelong learning, we are committed to closing the digital divide by providing people with the cyber education and digital skills they need. Learning is most impactful when knowledge, problem-solving and creativity are combined. With decades of market experience under our belt, ThriveDX boasts a revolutionary educational model centered on real-world applications. Designed by industry leaders and taught by experts, our market-based curriculum allows learners to authentically engage with the material while developing the in-demand skills and experiences sought by top employers. Champions of lifelong learning, ThriveDX offers across-the-board cyber training and digital skills programs for companies and their employees. -
27
ImmuneBytes
ImmuneBytes
Fortify your blockchains with our impeccable audit services for unparalleled security in the decentralized realm. If you're spending sleepless nights worrying about losing funds to hackers, choose from our stack of services, and bid farewell to all your fears. In-depth analysis of the code by industry veterans to detect the vulnerabilities in your smart contract. Our experts secure your blockchain applications by mitigating risks through security design, assessment, audit, and compliance services. Our independent team of prolific penetration testers performs an extensive exercise to detect vulnerabilities and system exploits. We are the torch-bearers of making the space safer for everyone and do it by helping with a complete, systematic analysis to enhance the product's overall security. Recovery of funds is as equally important as a security audit. Have the facility to track user funds with our transaction risk monitoring system and boost users' confidence.Starting Price: Free -
28
Ethiack
Ethiack
We keep you safe by combining AI automated pentesting and elite ethical hacking for both in-depth and in-breadth security testing. It’s not just your code, third-party services, APIs, and external tools all pose a risk to your organization. We give you a complete view of your entire digital exposure so you can understand its weak points. Scanners flag too many false positives and pentests are not frequent enough. Automated pentesting fixes this. It reports less than 0.5% false positives and over 20% of its findings are impactful. We have a pool of world-class ethical hackers ready for human hacking events. To join, they go through an extensive process of background checks and those that get accepted go on to find the most critical vulnerabilities in your assets. Our team has won world-class awards and found vulnerabilities on Shopify, Verizon, Steam, and many more. Add the TXT record to your DNS and start your 30-day free trial.Starting Price: €1,790 per year -
29
IntelliPaat
IntelliPaat
Access pre-loaded courseware and self-paced videos on LMS. Get personalized learning experience with your mentor, who will track your progress and provide insights. Avail live classes from SMEs; group learning; clarify doubts instantly with instructors; reschedule, if missed a class! Access previous live instructor-led sessions instantly at any time and exploit the note-taking capability. Reinforce your learning by solving real-life business problems with exercises and assignments after each instructor-led live session. Share queries or resolve other’s doubts via peer-to-peer interaction with like-minded individuals. Get datasets, solve business problems by real-time simulation, and showcase your aptitude to earn a job. Get help to create a world-class resume, promote your profile, gain salary negotiation skills, and have mock interview sessions. -
30
Raxis
Raxis
For organizations that are tired of check-the-box vulnerability scans that masquerade as pentests, Raxis is a welcome reprieve. A certified team of US citizen testers, the Raxis penetration testing team is known for thorough testing and clear reporting. Raxis Attack, their PTaaS option, is available for external & internal networks as well as web applications and uses the same team as their traditional pentests. This continual service includes unlimited on-demand human manual testing as well as chats with the Raxis pentest team through the Raxis One portal. Their traditional penetration testing offering, Raxis Strike, is available for internal networks, external networks, wireless, web applications, mobile applications, APIs, SCADA, IoT, and device testing. They also offer full red team and purple team services. -
31
KodeKloud
KodeKloud
KodeKloud is a free community that provides online hands-on courses and training programs on diverse Cloud and DevOps technologies. Some of the technologies covered by KodeKloud are Docker, Kubernetes, OpenShift, Ansible, Puppet, Chef, Linux, and more. The community offers online courses (that include a certificate upon completion) alongside hands-on labs, playgrounds, and an online community to connect with other students. KodeKloud has an online forum and a Slack group. Both are excellent places to connect with other people worldwide interested in getting a DevOps role. There are mostly KodeKloud students in both online groups. Additionally, you can find diverse people ranging from beginners to seasoned specialists. It's completely free to get a KodeKloud account. You will get access to all free courses and free hands-on labs. Moreover, free members are also able to try sample lessons of all courses. Besides, KodeKloud offers three additional, paid memberships.Starting Price: $475/License/Year -
32
Synack
Synack
Comprehensive penetration testing with actionable results. Continuous security scaled by the world’s most skilled ethical hackers and AI technology. We are Synack, the most trusted Crowdsourced Security Platform. What can you expect when you entrust your pentesting to the Synack Crowdsourced Security platform? Become one of the select few SRT members and hack among the best in the world, sharpening your skills and putting them to the test. Hydra is an intelligent AI scanning tool that alerts our SRT members of possible vulnerabilities, changes, or events. In addition to bounties for finding vulnerabilities, Missions provide payment for methodology-based security checks. Trust is earned, and our currency is straightforward. A commitment to protect our customers and their customers. Utter confidentiality. Optional anonymity. Total control over the process. Complete confidence when you need to focus on your business. -
33
Protexxa
Protexxa
Activate your greatest cybersecurity asset. 90% of cyber hacks are caused by human error. Transform your digital protection today. Do you know how vulnerable your company is to cyber attacks? Cyber attacks are rapidly increasing. Since the onset of the COVID-19 pandemic cyber crime has quadrupled. Take control and reduce cyber vulnerabilities with our AI-powered assessment and remediation solution. Strengthen cyber capabilities with strategic consulting, control testing and interactive tabletop exercises. Accelerate cyber confidence across your organization. Executives are targeted 12x more than employees. -
34
CyStack Platform
CyStack Security
WS provides the ability to scan web apps from outside the firewall, giving you an attacker's perspective; helps detect OWASP Top 10 and known vulnerabilities and constantly monitoring your IPs for other security threats. The team of CyStack pen-testers conducts hypothetical attacks on a customer's applications to discover security weaknesses that could expose applications to cyberattack. As a result, the technical team can fix those vulnerabilities before hackers find and exploit them. Crowdsourced Pen-test is the combination of certified experts and community of researchers. CyStack deploys, operates, and manages the Bug Bounty program on behalf of enterprises to attract a community of experts to find vulnerabilities in technology products such as Web, Mobile, Desktop applications, APIs or IoT devices. This service is a perfect solution for companies that are interested in the Bug Bounty model. -
35
CTI Academy
CTI Academy
CTI Academy’s learning platform delivers an immersive cyber threat intelligence education through an intuitive e‑learning environment featuring expert‑led courses, interactive course materials, virtual lab environments, and practical exercises that simulate real‑world scenarios in threat intelligence, malware analysis, and attack surface management. It offers self‑paced, hands‑on labs that eliminate the need for external infrastructure or portals, ensuring seamless access to performance‑driven modules designed to build expertise in analyzing threats, reverse‑engineering malware, and monitoring vulnerabilities. Complementing this, the Cyber Underground Forum provides members‑only access to an exclusive community of cybersecurity professionals and analysts, up‑to‑the‑minute threat intelligence feeds, global coverage of emerging attack patterns, instant alerts on critical vulnerabilities, and a comprehensive archive of intelligence data for collaborative research. -
36
QA
QA
QA Ltd is a leading provider of technical and business skills training, offering a comprehensive suite of services to help individuals and organizations excel in the digital age. With over 35 years of experience, QA delivers instructor-led courses, online learning platforms, and apprenticeships across various disciplines, including AI, cloud computing, data analytics, cyber security, and more. Serving over 4,000 clients and training more than 1 million learners annually, QA is committed to empowering people and organizations to adapt and thrive amidst technological advancements. Our end-to-end approach drives better business results by ensuring whole organizations can learn, master, and apply skills at speed and scale. Arm your organization for digital agility by combining the power of human and machine intelligence. Return on training spend doesn't stop at skills growth. Get the most out of your training. -
37
Reporter
Security Reporter
Security Reporter is an enterprise-grade pentest reporting software designed to streamline and standardize the penetration testing and security assessment reporting workflow. The platform supports security teams and pentesting providers in managing findings, producing professional reports, and delivering consistent results across complex environments. Key capabilities include a centralized content and vulnerability library, customizable report templates, multi-language reporting, and native imports from more than 140 security testing tools. These features support efficient vulnerability management, accurate reporting, and repeatable assessment processes. Security Reporter is offered exclusively as a self-hosted, on-premise solution, ensuring full control over sensitive security data and supporting common compliance and data governance requirements. By reducing manual reporting effort and minimizing errors, the platform improves productivity and shortens reporting cycles. -
38
AWS Self-Paced Labs
Amazon Web Services
Get hands-on practice in a live AWS environment with AWS services and real-world cloud scenarios. Follow step-by-step instructions to learn a service, practice a use case, or prepare for AWS Certification. Take a lab to get familiar with an AWS service in as little as 15 minutes. Learning quests lead you through a sequence of labs so that you can learn how to work with related AWS services. When you complete a quest, you'll earn a Quest Badge that you can show off on your resume, website, or LinkedIn profile. Whether you're new to AWS or keeping current with new services, introductory labs are a quick and easy way to learn the fundamentals. Try these popular introductory labs. Take your skills to the next level with fundamental, advanced, and expert level labs. Enroll in a quest - a collection of labs - and master a specific AWS scenario at your own pace. Complete the quest and earn a badge to share on your resume, website, or LinkedIn profile. -
39
Rhino Security Labs
Rhino Security Labs
Recognized as a top penetration testing company, Rhino Security Labs offers comprehensive security assessments to fit clients' unique high-security needs. With a pentest team of subject-matter experts, we have the experience to reveal vulnerabilities in a range of technologies — from AWS to IoT. Test your networks and applications for new security risks. Rhino Security Labs leads the industry in web application penetration testing, identifying vulnerabilities in a range of programming languages and environments. From webapps in highly scalable AWS environments to legacy apps in traditional infrastructure, out security experts have helped secure data across the world. With dozens of zero-day vulnerabilities disclosed and our research circulating on national news outlets, we consistently prove our commitment to top-notch security testing. -
40
API Fuzzer
Fuzzapi
API Fuzzer allows to fuzz-request attributes using common pentesting techniques and lists vulnerabilities. API Fuzzer gem accepts an API request as input and returns vulnerabilities possible in the API. Cross-site scripting vulnerability, SQL injection, blind SQL injection, XML external entity vulnerability, IDOR, API rate limiting, open redirect vulnerabilities, information disclosure flaws, info leakage through headers, and cross-site request forgery vulnerability.Starting Price: Free -
41
Skillable
Skillable
Skillable is the virtual labs platform built to adapt quickly in the face of constant change. A three-time Inc. 500 company, Skillable believes validated experiences and challenge-centric learning will transform the way organizations upskill their customers, partners and employees. Industry leaders such as Microsoft, Amazon, IBM, Veritas, Global Knowledge and New Horizons trust Skillable’s full stack lab development and hosting platform, generating nearly 5 million lab launches to date in 2021 and more than 20 million lab launches over its tenure. -
42
Cyver
Cyver
Change the way you deliver pentests, with cloud pentest management tools, complete with automated reporting & everything you need to deliver Pentest-as-a-Service. Scale workloads with cloud tooling to automate reports & project management, so you can get back to pentesting. Cyver imports work data from tools like Burp Suite, Nessus, NMap, & more to fully automate reporting. Customize report templates, link projects, map findings to compliance controls, and generate pentest reports with one click. Plan, manage, and update pentests, in the cloud. We deliver tooling for client collaboration, pentest management, & long-term scheduling. No more Excel, no more email, and everything in one place, Cyver’s pentest management portal. Offer schedulable, recurring pentests, with client data and vulnerability management, complete with findings-as-tickets, actionable insights like threat analysis and compliance mapping dashboards, and direct communication.Starting Price: €99 per month -
43
Code Review Lab
Code Review Lab
Code Review Lab is a hands-on secure coding and code review training platform designed to help developers, security engineers, and DevSecOps teams identify, understand, and fix real-world vulnerabilities before they reach production. Rather than relying on passive learning such as videos or slides, Code Review Lab immerses users in realistic code review scenarios where they analyze vulnerable code, spot security flaws, and apply secure fixes. The platform focuses on practical, job-relevant skills and mirrors the challenges engineers face in real development environments. Code Review Lab supports multiple programming languages and covers a wide range of application security topics, including common vulnerability classes, secure coding best practices, and real-world attack patterns. Interactive exercises provide immediate feedback, reinforcing a security-first mindset and helping teams continuously improve their secure coding capabilities.Starting Price: $7/month/user -
44
ROI Training
ROI Training
At ROI, we strive to provide business professionals with the skills and knowledge necessary to increase work performance and drive greater return on investment for the global customers we support. ROI will deliver courses using your existing training lab and also has the expertise and resources necessary to provide a “traveling classroom”. When providing a “traveling classroom”, ROI provides all of the hardware and software needed to execute a successful hands-on training experience. ROI can design custom exercises based on your organizations’ projects and processes. A pre-class conference call with one of our instructors and your subject-matter-experts starts the process. Workshops and exercises are designed around actual work in progress at your organization, so your staff gains practical experience. -
45
LLMFuzzer
LLMFuzzer
If you're a security enthusiast, a pentester, or a cybersec researcher who loves to find and exploit vulnerabilities in AI systems, LLMFuzzer is the perfect tool for you. It's built to make your testing process streamlined and efficient. We are working on full documentation. It will cover detailed information about the architecture, different fuzzing strategies, examples, and how to extend the tool.Starting Price: Free -
46
Terra
Terra Security
Terra offers agentic-AI powered continuous web application penetration testing as a service, combining AI agents with human expert supervision to deliver deep, business-context aware security assessments. It provides full coverage of an organization’s web application attack surface, continuously testing through changes rather than only at fixed intervals. The tool delivers real-time adaptability, meaning newly deployed or updated features are automatically evaluated for vulnerabilities, not waiting for quarterly or annual audits. Terra’s reports are designed to be compliance-audit ready, reflecting proof of exploitability, likelihood, potential breach comparison, and business impact, along with suggestions for remediation. It emphasizes prioritization of real risks, tailored to the customer's business context and risk profile, with visibility across all applications and features. Users benefit from increased efficiency and accuracy over traditional automated pentests. -
47
ServerSage
ServerSage.ai
ServerSage is an AI platform that performs the complete pentesting workflow—planning reconnaissance, probing systems, executing attacks, and documenting findings—just like a human red team. Built for security professionals who need to scale their testing capabilities, it handles the heavy lifting: repetitive reconnaissance, vulnerability validation, exploit execution, and comprehensive reporting. Your team makes strategic decisions while ServerSage delivers technical execution and documentation. -
48
Avatao
Avatao
Avatao’s security training goes beyond simple tutorials and videos offering an interactive job-relevant learning experience to developer teams, security champions, pentesters, security analysts and DevOps teams. With 750+ challenges and tutorials in 10+ languages, the platform covers a wide range of security topics across the entire security stack from OWASP Top 10 to DevSecOps and Cryptography. The platform immerses developers in high-profile cases and provides them with real, in-depth experience with challenging security breaches. Engineers will actually learn to hack and patch the bugs themselves. This way Avatao equips software engineering teams with a security mindset that increases their capability to reduce risks and react to known vulnerabilities faster. This in turn increases the security capability of a company to ship high-quality products. -
49
Vulnsy
Vulnsy
Vulnsy is a penetration testing reporting platform designed to help security professionals generate professional reports quickly and efficiently. Built by pentesters, it replaces manual Word-based reporting workflows with a streamlined system for documenting vulnerabilities and producing deliverables. The platform includes a reusable findings library that allows users to insert common vulnerabilities and customize details instead of rewriting them each time. Automated templates handle formatting and styling, ensuring consistent and professional-looking reports across engagements. Users can organize screenshots and proof-of-concept evidence with drag-and-drop tools that automatically embed them into reports. Vulnsy also provides a secure client portal for delivering reports and managing communication with clients. By combining workflow management, report generation, and collaboration tools, Vulnsy enables security teams to complete reporting tasks in minutes rather than hours.Starting Price: $38 -
50
Strobes PTaaS
Strobes Security
Pentesting as a Service (PTaaS) offers a personalized, cost-effective, and offense-driven approach to safeguard your digital assets. With a team of seasoned experts and advanced pen-testing methodologies, Strobes PTaaS provides actionable insights to improve your security posture by multifold. Pentesting as a Service (PtaaS) seamlessly combines the power of manual, human-driven testing with a state-of-the-art delivery platform. It’s all about effortlessly setting up ongoing pentest programs, complete with integrations for smooth operation and easy reporting. Say goodbye to the time-consuming process of procuring pentests one by one. To truly appreciate the benefits of a PtaaS platform, you need to dive in and witness the innovative delivery model in action for yourself. It’s an experience like no other! Our unique testing methodology involves both automated and manual pentesting that helps us uncover most of the vulnerabilities and keep you away from breaches.Starting Price: $499 per month
