# PortSwigger Labs

- [Authentication](/portswigger-labs/authentication.md): https://portswigger.net/web-security/authentication
- [Username enumeration via different responses](/portswigger-labs/authentication/username-enumeration-via-different-responses.md): This lab is vulnerable to username enumeration and password brute-force attacks.
- [Username enumeration via subtly different responses](/portswigger-labs/authentication/username-enumeration-via-subtly-different-responses.md): This lab is subtly vulnerable to username enumeration and password brute-force attacks.
- [Username enumeration via response timing](/portswigger-labs/authentication/username-enumeration-via-response-timing.md): This lab is vulnerable to username enumeration using its response times.