Pricing and plans

Pentest-Tools.com is a powerful cloud-native alternative to multiple security testing tools like Nessus, Qualys, Acunetix, Nexpose or Invicti.

Choose what best fits your security mission

  • NetSec

    for network vulnerability assessment

    starting from5 assets included

  • WebNetSec

    for web app, network & API vulnerability assessment

    starting from5 assets included

  • Pentest Suite

    for human-led penetration testing

    starting from5 assets included

Included in all plans:

  • API access
  • Unlimited rescans for your asset inventory
  • Continuous security monitoring & alerts for assets across your inventory
  • Unlimited team members
  • Integrations for security operations workflows, including AWS, Vanta, Nucleus Security, Jira, Microsoft Teams, webhooks & more

Optional add-ons

Internal network scanningBranded reports & emails
Continue with the free edition

Built by pentesters.Trusted by 2000+ security teams in 119+ countries

  • Vodafone logo
  • Starbucks logo
  • Orange logo
  • Generali logo
  • Rolex logo
  • Accenture logo

Custom plans

For organizations with enterprise-level security needs.

Ask for a custom offer

A detailed view of our plans

Let's make it easy for you to choose the best plan for your security workflow

Pricing plan comparison
Attack surface mapping & recon tools
Quick exposure discovery (open ports, virtual hosts, subdomains, and more)
Included in Free
In-depth attack surface discovery (hidden files, port lists, reverse DNS, WAF, and more)
Not included in Free
Network vulnerability scanning
limited
Web vulnerability scanning (including authenticated scans)
limited
Cloud vulnerability scanning
Included in Free
API vulnerability scanning
limited
Safe and controlled vulnerability detection and exploitation (based on our research team's custom exploits)
Not included in Free
Vulnerability validation with proof of exploitation (user lists, screenshots, interesting files, etc.)
Not included in Free
In-depth data extraction with proprietary Handlers (cookies, keystrokes, HTML content, source IPs, etc.)
Not included in Free
Asset & scan limits
Scanned Assets per scan cycle
Up to 5
Parallel scans
2
Queued scans
Up to 100
Scheduled scans
25
Scan & findings management
Unified Attack Surface mapping with exportable results (CSV, JSON)
Included in Free
Scan automation flows with Pentest Robots (tool chaining for vulnerability assessment and pentesting sequences)
Not included in Free
Custom scanning & exploitation parameters (specific checks only)
partial availability
Findings management: add manual findings, use predefined templates, modify findings
Not included in Free
Wordlists (defaults & custom)
partial availability
Import scan results & findings from other security tools (Burp Suite)
Not included in Free
Continuous vulnerability monitoring
Scheduled scans
partial availability
Scan diff alerts (vulnerabilities, port scanning, subdomains)
Included in Free
Custom notifications
Included in Free
Continuous attack surface monitoring for specific assets
partial availability
Reporting & Engagement capabilities
Scan results exports (PDF, HTML, CSV, XLSX)
Included in Free
Aggregated exports from multiple scans
Included in Free
Pentest report generation with editable templates (DOCX)
Not included in Free
Integrations
API access
Not included in Free
Workflow integrations (email, Jira, Microsoft Teams, Slack, Discord, webhooks, etc.)
Email only
Cloud integrations (import targets from AWS)
Not included in Free
Compliance & risk management integrations (Vanta, Nucleus Security)
Not included in Free
Team management & sharing capabilities
Workspaces
1
Unlimited team members
Not included in Free
Data management
Historical data storage period
90 days
Account security
Two-factor authentication (2FA)
Included in Free
User login history
Included in Free
Dedicated support
Premium support with max. 48 hours SLA
Not included in Free
Additional payment options
Wire transfer or pro-forma invoice (for min. 1-year subscriptions)
Not included in Free

Expert security testing services

For organizations looking for meticulous, managed penetration tests and red team engagements that surface real risks for business continuity.

See what we cover

Join our exclusive Partner Network

Expand your offering with a proprietary product for security and IT teams in large organizations. Help them align and streamline vulnerability assessments and penetration testing activities ranging from attack surface mapping to precise, proof-based reporting.

See how it works

How security pros use our products

Pentest-Tools.com is the Swiss army knife for anyone performing black-box external network security assessments and an all-in-one comprehensive toolset for external red team/asset mapping engagements. I used to rely on a wide range of tools when mapping and scanning external organization assets, but since I found this comprehensive solution, I rarely need to use more than one.

Shay Chen Linkedin profile

Shay Chen

CEO at Effective Security Ltd.

Israel 🇮🇱

Review author: Shay Chen

FAQ(s)

You have questions, we're here to clarify