Scan, Exploit, Report, Repeat

Pentest-Tools.com is a powerful alternative to multiple security testing tools like Nessus, Qualys, Acunetix, Nexpose or Invicti. No install required, automatically updated, get started in minutes.

Free

Up to 2 parallel scans

Basic

Up to 2 parallel scans

Advanced

Up to 5 parallel scans

Teams

Up to 10 parallel scans

Enterprise / On Premise

More than 500 assets

More than 10 parallel scans

  • More assets

  • More parallel scans

  • More users

  • Specific functionality

  • Multi-year subscriptions

  • Airgapped scanning & vuln storage

Money back guarantee for all plansNo long-term contract

Compare plans

Pricing plan comparison

Up to 2 parallel scans

Light scans for quick exposure discovery (open ports, virtual hosts, subdomains, and more)
Included in Free
Deep scans for in-depth attack surface mapping (hidden files, port lists, reverse DNS, WAF, and more)
Not included in Free
Light scans for quick vulnerability and misconfiguration detection in your webapps and networks
Included in Free
Deep scans for more in-depth findings with all detection options enabled
Not included in Free
Safe and controlled remote attack simulations
Not included in Free
Automatic capture for cookies, keystrokes, HTML content, source IP, and more with our proprietary Handlers
Not included in Free
Asset & scan limits
Scanned Assets per scan cycle
Up to 5
Added Assets
Up to 100
Parallel scans
Up to 2
Queued scans
Up to 100
Scheduled scans
Up to 0
Scan & findings management
Attack Surface mapping
Included in Free
Exportable attack surface results (CSV, JSON)
Included in Free
Scan automation flows with Pentest Robots
Not included in Free
Custom scanning & exploitation (specific checks only)
partial availability
Findings management (edit, add, use templates)
Not included in Free
Internal/private network scanning (VPN agents)
Not included in Free
Authenticated web app scanning
Not included in Free
Wordlists (defaults & custom)
Not included in Free
Continuous monitoring
Scheduled scans
partial availability
Scan diff alerts [vulnerabilities, port scanning, subdomains]
Included in Free
Custom notifications
Included in Free
Monitoring
partial availability
Reporting capabilities
Scan results exports (PDF, HTML, CSV, XLSX)
Included in Free
Editable Report templates (DOCX)
Not included in Free
Aggregated Reports from multiple scans
Included in Free
White label reporting - add your own branding
Not included in Free
Integrations
API access
Not included in Free
Workflow integrations (email, Jira, Microsoft Teams, Slack, Discord, webhooks, etc.)
Email only
Cloud integrations (import targets from AWS)
Not included in Free
Compliance & risk management integrations (Vanta, Nucleus Security)
Not included in Free
Team management capabilities
Workspaces
Not included in Free
Multi-user access (up to 6 users in a plan)
Not included in Free
Data management
Historical data storage period
30 days
Account security
Two-factor authentication (2FA)
Included in Free
User login history
Included in Free
Dedicated support
Premium support with max. 48 hours SLA
Not included in Free
Additional payment options
Wire transfer or pro-forma invoice (for min. 1-year subscriptions)
Not included in Free

How security & tech pros use the platform

Pentest-Tools.com is the Swiss army knife for anyone performing black-box external network security assessments and an all-in-one comprehensive toolset for external red team/asset mapping engagements. I used to rely on a wide range of tools when mapping and scanning external organization assets, but since I found this comprehensive solution, I rarely need to use more than one.

Shay Chen Linkedin profile

Shay Chen

CEO at Effective Security Ltd. 

Israel 🇮🇱

Testimonial author: Shay Chen

Go beyond automated scans with professional services

True penetration testing involves human analysis and expertize. Our team of ethical hackers offer specialized offensive security services to manually assess the security of your web applications, network environments, and cloud infrastructures.

Common questions

Data privacy is one of our utmost concerns. We keep your data encrypted into our database and we have multiple defense-in-depth mechanisms to protect it. Furthermore, the security is also strengthened by our hosting provider's measures. Please see Linode security.