Friday, 28 December 2012

Happy first year PentesterLab...

It has been a year since I started PentesterLab... such an amazing year ;)

Since the first day, a lot have changed, the biggest change was probably to put the exercises for free instead of $12-$20. At first, I thought something like Peepcode will work for PentesterLab, but I realised that I was more interested by sharing stuff and that there were other way to do money and share the content for free. I wrote about this in a previous blog post...

I have also learn a lot in the last year:
  • to know my enemies: distraction (started other project like PNTSTR or some crazy coding) and procrastination (, Facebook, Twitter...). Losing focus (creating side projects) makes you waste a lot of time and people don't really understand were you are going... Having one clear goal is the way to make sure you are going to achieve it and send a better message to potential users/clients.
  • to improve the way I create exercise. I used to write the PDF and build the ISO in the same time... Such a waste of time! I was spending my time telling myself: "I will come back to write that part of the course once I have the correct value from the ISO", it was just a way to postpone stuff and not getting things done. Now, I create the ISO, once it works, I write the course. That way, I also avoid last minute changes and I'm way more effective.
  • to improve the way I blog: instead of trying to write something perfect, I start by a brain dump and improve it over time. Some blog posts stayed few months before being published like How not to get a good pentest
  • to avoid remembering stuff. I put everything in a todo list and come back to it later, even blog posts, crazy coding ideas, ... I use things on my phone since I always have my phone on me it's perfect. Remembering stuff is bad: you will either forget or keep thinking about it, both ways are bad :/ Write things down as soon as you think of them!

For the exercises, I will try to publish a new free exercise every month... so keep in touch, follow @PentesterLab on twitter, register to the mailing-list, or like PentesterLab on Facebook or on Google+, to get the last exercises :)

Thanks to everyone who helped me during this first year, who purchased exercices and commercial licenses, who sent email saying thanks, you are the people who makes Pentesterlab's growth. Thanks to everyone who review the courses and send me feedbacks (typo, grammar, diff file). In 2013, we are going to organise few trainings around the world mostly during security conferences but also in-house training (if you are interested shoot me an email: louis_*at* :)

Happy first year PentesterLab ;)


itsme said...


Juste pour te remercier de ton intiative, c'est toujours très clair et instructif, et bravo pour l'article dans le dernier MISC.


Louis Nyffenegger said...

Merci :)

Scriptmonkey_ said...

Only just been introduced to this, i'm already a penetration tester (although only been at it a year or so) and I have found your lab exercises brilliant.

Thank you for contributing these to the security community, genuinely awesome stuff. Loving the "web for pentesters" series of VM's in particular.