See how to start a scan using the pentest robots.
Learn how to create scan groups so you can easier export aggregated scan results.
See how to configure email notifications when your scan matches certain conditions.
See how to set up the Network Scan OpenVAS port range
We have recently added a new method to perform internal network scanning which does not require you to perform any special configuration, you just have to run a VPN Agent and start scanning.
You can perform Authenticated Website Scan with JWT by using the custom HTTP headers authentication method
In order to fix a “no open ports” scan result, you should rescan with Nmap’s option “Don’t ping host (-Pn)” enabled or OpenVAS “Check if host is alive before scanning” option disabled.
From the /scans page you can view all your finished or ongoing scans, rescan, stop ongoing scans, download scan results or delete scan results.
See how to manage findings from all your scans in the /findings tab by adding or deleting findings, changing their status, and more.
See the authenticated website scanner limitations
Learn how to save time by creating and using scan templates which group multiple tools and options within one bundle, in order to launch them all at once.
You can continuously monitor the security of your systems using the Pentest-Tools.com platform by scheduling periodic scans.
You can start a new scan directly from a tool page or from the /targets page by selecting one of the “Scan with…” options.
You need to whitelist our scanners to prevent the following errors
You can see all scan results and download or delete scans from the /scans page. You can export the scan results as PDF, HTML, JSON, CSV, XLSX.
Here you can see more information about the duration and important milestones for some of our most commonly used scanners.
Scanning and IP range with Pentest-Tools.com
Addressing the concern regarding if there are any risks involved in performing a Full Website Scan
Each Pentest-tools.com plan has a limitation to how many targets you can scan and how many scans you can run simultaneously.
Not all OWASP Top 10 Web Application Security Risks can be detected by automatic scanners. See here how you can test 6/10 using Pentest-Tools.com platform.
See how to view how the default pentest robots are built.
Learn how to combine tool blocks with logic blocks to design the visual penetration testing flow that fits your specific needs.
See how to use the Recorded Authentication method for website scanner when scanning websites with a non-standard authentication method.
URL is out of scope” error can occur if the target URL is incorrect. Check the spelling of the address carefully and look for characters that are not typically present in addresses.
The Pentest-Tools.com Port scanners let you select common ports, a specific port range, or a list. See here the default port list.
You can increase the security of your account with Two-Factor Authentication (2FA). This article shows you how to login with the second factor using an authentication app on your mobile phone.
Here we address some questions about access rights and what type of data we store.
See how many base targets you have defined in the /workspace tab
See how to check your plan details and history, upgrade, downgrade or cancel your subscription, and change your personal information.
Find out how Pentest-Tools.com platform works, what it can do for your business and what makes it different to other solutions.
Use the Pentest-Tools.com workspaces feature so you can easily group targets based on your workflows
From the /targets page you can delete one or several targets, edit their description or move them to a different workspace.
You can add new targets either from the targets page, by directly scanning them or from the scan results of discovery tools.
We count as base targets only the hostname or IP address of the scanned system. All URLs belonging to the same base target will count as a single target.
You don’t need an account for the Light version of the tools. Go to the tool page and start scanning your systems for vulnerabilities.
See how to mark one or more findings in order to automatically exclude them from the scan result.
“Website is not Accessible” scan result can occur for several reasons, see here what you can do to fix this.
You can cancel your subscription from “My Account” by clicking the “Cancel Subscription” button at the bottom of the page.
See how to add sub-users to your Company’s account.