All the Pentest-Tools.com features you can use right now
Chain and max out the 20+ tools on the platform with the features we’ve built to make them fit into your workflow.
Attack Surface mapping
Automatically created from your scan results, the Attack Surface gives you an in-depth view of your targets’ exposure. It includes all the hosts, ports, services, technologies, etc. for the targets in your current workspace.
Internal scanning
Simulate an attacker with local network access with our dedicated VPN agent. Run any of our security tools through encrypted VPN tunnels and discover vulnerabilities in secluded networks, intranets, private clouds, or restricted-access systems. This feature also lets you route scans through your own servers!
Authenticated scanning
Scan behind login pages in web applications to pinpoint vulnerabilities as an authenticated user. Our Website Vulnerability Scanner offers multiple authentication methods ranging from username/password combinations to custom headers, cookies, and recorded login sessions.
Pentest reporting tool
Pull findings from multiple tools into a pentest report in under 3 minutes, complete with pre-filled executive summary, vulnerability and risk descriptions, and remediation advice. Make your best work replicable with customizable templates for findings, engagements, and reports. When you’re ready, export your report in .DOCX, PDF, HTML, and other formats.
White-label pentest reporting
Send polished penetration test reports customized with your company’s logo directly from your Pentest-Tools.com account. Manage and email reports in multiple formats (DOCX, PDF, HTML) all from one place, effortlessly maintaining a consistent, professional presentation to your clients and partners.
Pentest Robots
Pentest Robots orchestrate multiple tools and perform targeted testing based on strict conditioning that you define. Chain our tools based on your know-how and experience into a pentest robot or use choose from our predefined, ready-to-use pentest robots and get a flow you can automatically run (Scan with Robot) against any of your targets to discover specific types of security issues.
Integrations
Connect external applications and services to Pentest-Tools.com and get the latest, most relevant updates from your scans and other ethical hacking activities. Send results directly to a Jira project, get notifications based on specific triggers through webhooks, and see a scan results digest on your preferred Slack or Microsoft Teams channel.
Our REST API also helps you integrate our platform with your tools and internal workflows, or even develop your own tools based on our scanning engines.
Team sharing and management
Keep things organized, synchronized, and consistent when using Pentest-Tools.com with your team. From differentiated access rights to clear ownership over tasks, this feature makes it easy for colleagues to work together on the same target and maintain your quality standard.
Scan management: scheduling, templates, bulk scanning
Monitor your systems' security with scheduled scans combined with notifications and scan reports sent to your inbox. Combine multiple tools in scan templates for even wider coverage and deeper results, and use bulk scanning to assess multiple targets at once. This level of automation keeps you in control and also saves you time by erasing a lot of manual work.
Workspaces
Keep your engagements organized with workspaces. Group multiple assets in a specific workspace to ensure all your work pools into a single source of truth. This feature offers the flexibility of moving targets between workspaces, deleting them, and also giving colleagues access to a specific workspace to make collaboration easier.
Wordlists
Use the default wordlists we provide with tools such as our URL Fuzzer, Password Auditor, Subdomain Finder to make DNS Enumeration, fuzzing, or brute-forcing more efficient.
You can also upload your own wordlists (up to 50,000 words) to increase your chances of discovering juicy details about your targets or to gain initial access.
