Skip to main content

Assets and targets

Pentest-Tools.com uses two related concepts for organizing what you scan:
ConceptDescriptionExample
AssetA top-level resource you add to the platform. Assets are the unit for subscription limits.example.com, 192.168.1.1
TargetA specific scannable item associated with an asset. Tools run scans against targets.https://example.com/app, https://example.com/api/v1
Your subscription’s asset limit determines how many assets you can add. One asset can have multiple targets, all counted under that single asset.
When you add a target, the platform automatically creates or associates it with the appropriate asset:
  1. You provide a target: For example, https://example.com/app
  2. The system extracts the asset: The hostname example.com becomes the asset
  3. Target links to asset: The URL target is associated with the example.com asset
  4. Scans run on the target: Tools scan the specific URL you provided

Example: One asset, multiple targets

For the asset example.com, you might have these targets:
TargetType
example.comHostname
https://example.com/URL
https://example.com/appURL
https://example.com/api/v1URL
All of these targets belong to the single example.com asset, counting as one asset toward your subscription limit.

Adding a single target

1

Navigate to Assets

Go to Assets from the main navigation.
2

Click Add target

Click the Add target button in the top right.
3

Enter target details

Provide the target (domain, IP address, or URL) and an optional description.
4

Configure alive check (optional)

Enable Include only alive targets to verify the target is reachable before adding it. See Check alive for details.
5

Add the target

Click Add to create the target. The asset is created automatically.

Supported target formats

FormatExampleAsset created
Domainexample.comexample.com
Subdomainapi.example.comapi.example.com
IP address192.168.1.1192.168.1.1
URLhttps://example.com/appexample.com
URL with porthttps://example.com:8443/adminexample.com
IP range (CIDR)192.168.1.0/24Individual IPs
IP range (dash)192.168.1.1-100Individual IPs
CIDR notation supports masks from /24 to /30. Masks outside this range are rejected.
Different tools accept different target types. For example, the Website Scanner requires a URL, while the Port Scanner accepts hostnames or IP addresses.

Importing multiple targets

You can import targets from a file or from AWS.

Import from file

Import targets from a .txt file with one target per line. Optionally include descriptions after a comma.
1

Open import dialog

Click the Import button and select From file.
2

Prepare your file

Create a text file with targets and optional descriptions:
www.example.com, Production website
dev.example.com, Development server
staging.example.com, Pre-prod environment
192.168.1.0/24, Production network range
10.10.0.1-255, Internal servers
3

Upload and configure

Select your file and optionally enable Include only alive targets to filter unreachable hosts. See Check alive for details.
4

Import

Click Import. You’ll receive a notification when the import completes.
For IP ranges, enable the alive check to avoid adding offline hosts. This takes longer but keeps your asset list cleaner.

Import from AWS

If you have an AWS integration configured, you can import targets from your AWS infrastructure.
  1. Click Import and select From AWS
  2. Choose your AWS integration
  3. Select the resource types to import
  4. Click Import
AWS import requires a configured AWS integration. See AWS integration for setup instructions.

Managing assets and targets

Editing targets

You can update the description of existing targets:
  1. Find the target in your asset list
  2. Click the Edit description button
  3. Update the description
  4. Click Save

Moving targets between workspaces

Move targets to a different workspace to reorganize your work:
  1. Select one or more targets
  2. Click Move
  3. Choose the destination workspace
  4. Confirm the move
Moving a target also moves its associated scan history and findings to the new workspace.

Deleting assets and targets

Deleting an asset removes all associated targets, scans, findings, and attack surface data permanently. This action cannot be undone.
Use Group by asset to see assets as top-level rows and act on them directly.

To delete targets (keeping the asset)

  1. Select the specific targets you want to remove
  2. Click Delete
  3. Confirm the deletion

To delete an entire asset

  1. Select the asset
  2. Click Delete
  3. Confirm that you want to delete the asset and all its targets

Asset discovery

Some tools find new items as a side effect of scanning:
  • Subdomain Finder discovers subdomains under your domain asset
  • Website Recon identifies web technologies, CMS platforms, and frameworks
  • Port Scanner finds services that may expose web interfaces
Discovered items appear in the scan results. Results from Website Recon and Port Scanner are also merged into the attack surface view automatically. To add discovered subdomains or hosts as targets, add them manually from the scan results.
Use the attack surface view to see all discovered hosts, ports, and technologies across your scans.
After a Subdomain Finder, Domain Finder, or Virtual Hosts Finder scan, you can add discovered items directly to your asset inventory. Select the rows you want in the results table and click Add to assets. Optionally enable Include only alive targets to filter out unreachable hosts before adding them.

Check alive

When adding or importing targets, you can enable the Include only alive targets option to filter out unreachable hosts before they’re added to your workspace.

When to use it

The alive check is useful when:
  • You’re importing an IP range and want to skip offline hosts
  • You’re scanning an internal network with unused IP addresses in a CIDR block
  • You want to confirm hosts are reachable before adding them
The alive check takes longer than adding targets directly, but results in a cleaner asset list with only reachable hosts.

How it works

The platform uses a customized version of Nmap’s host discovery to determine if a target is alive. Multiple probe types are sent to maximize detection accuracy, as different network configurations and firewalls may block certain traffic.
  • Echo request: Sends ICMP type 8 packets expecting echo replies. Often blocked by firewalls but reliable on internal networks.
  • Timestamp request: Sends ICMP queries expecting reply code 14. Useful when echo requests are blocked.
  • Netmask request: Sends ICMP queries expecting reply code 18. Another alternative when echo requests are blocked.
  • SYN probes: Sends empty TCP packets with the SYN flag to the top 100 ports.
  • ACK probes: Sends TCP packets with ACK flags, expecting RST responses.
Sends UDP packets to common ports (53, 113, 161, 162, 497, 40125). An ICMP “port unreachable” response indicates the host is alive. This bypasses firewalls that only filter TCP traffic.
Sends IP packets with various protocol numbers (ICMP, IGMP, IP-in-IP, TCP, SCTP) to detect hosts that respond to specific protocols.
Uses port 53 (DNS) as the source port to bypass poorly configured firewalls that permit traffic based on source port.

Asset limits

Your subscription includes limits for both added assets and scanned assets. These limits apply across all your workspaces and are shared among all team members on your account. For detailed information about how asset limits work, see Assets and limits.

Best practices

Add meaningful descriptions to targets so you and your team can quickly identify what each one represents.
Group related assets in workspaces by project, client, or environment. This makes it easier to manage large inventories.
Remove decommissioned targets and assets to keep your inventory current and make room for new additions.
When importing large lists (especially IP ranges), enable the alive check to filter out unreachable hosts automatically.