Initially, the World Wide Web was used to exchange information at a distance, but has now become the main source of communication between individuals, businesses and governments. In order to check the security of information and communication systems, the penetration testing procedure is used.
The aim of this thesis is to introduce the reader with penetration testing of information systems and to present the creation process of a virtual test environment. The environment was created as a game with educational purposes. At the beginning of this thesis, basic penetration testing concepts are presented. In the third chapter, phases of The Penetration Testing Execution Standard are described, which give a structured overview over the process of penetration testing. The presentation of the standard describes the individual execution phases with added practical examples. In the fourth chapter of this thesis, the concept Capture the Flag is explained. For the practical part of the thesis I created a custom virtual environment. The created virtual environment was created for security enthusiasts to learn new exploitation options. At the end of the thesis, solutions of previously given tasks are shown, which lead to flag retrieval. In addition, a few upgrades of the environment are listed.