Skip to main content
TrustRadius
Pentest-Tools.com

Pentest-Tools.com

Overview

What is Pentest-Tools.com?

Pentest-Tools.com allows users to discover and report vulnerabilities in websites and network infrastructures. They provide a set of integrated pentesting tools designed to enable users to perform easier, faster, and more effective pentest engagements.Quickly discover the attack surface of a…

Read more
Recent Reviews

TrustRadius Insights

Users have found value in utilizing Pentest-Tools.com for identifying risks on websites and finding solutions to resolve these issues. The …
Continue reading
Read all reviews
Return to navigation

Pricing

View all pricing

Pro Basic

$65.00

Cloud
per user

Pro Advanced

$130.00

Cloud
per user

Enterprise

$260.00

Cloud
per user

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://pentest-tools.com/pricing

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Details

What is Pentest-Tools.com?

Pentest-Tools.com allows users to discover and report vulnerabilities in websites and network infrastructures. They provide a set of integrated pentesting tools designed to enable users to perform easier, faster, and more effective pentest engagements.
  • Quickly discover the attack surface of a target organization, check if the IT team has done a good job in securing the perimeter

  • Speed-up pentesting engagements, easily find low-hanging fruits by using a browser

  • Bypass local network restrictions and scan from external IP addresses

  • Periodically scan for vulnerabilities and get notified when new issues are discovered

  • Find SQL injection, Cross-Site Scripting, OS Command Injection, and other high-risk vulnerabilities

  • Integrate the security scans (via API) into a current software development lifecycle

  • Verify the security of Internet-facing servers using already installed and configured security tools, check the security of web applications by performing external security scans, obtain a quick overview of a company's security posture, discover the internet exposure of a company as an attacker sees it

  • Create credible proof-of-concepts to prove the real risk of vulnerabilities, present the results to management or clients with easy to read reports

Pentest-Tools.com Features

  • Supported: Vulnerability Assessment
  • Supported: Attack Surface Mapping
  • Supported: Internal Network Scanning, VPN Scanning
  • Supported: Scan Scheduling
  • Supported: API Access
  • Supported: Bulk Scanning
  • Supported: Scan Templates, RPA robots
  • Supported: Advanced White Label Reporting
  • Supported: Managed Pentesting Service for Web Applications

Pentest-Tools.com Screenshots

Screenshot of Pentest-Tools.com DashboardScreenshot of Pentest-Tools.com ReportScreenshot of Pentest-Tools.com DOCX White Label ReportScreenshot of Pentest-Tools.com Scan SchedulerScreenshot of Pentest-Tools.com VPN ScanningScreenshot of Pentest-Tools.com APIScreenshot of Pentest-Tools.com Scan TargetsScreenshot of Pentest-Tools.com WorkspaceScreenshot of Pentest-Tools.com ScansScreenshot of Pentest-Tools.com Attack Surface View

Pentest-Tools.com Videos

Getting started with Pentest-Tools.com
How to manage, filter & report your penetration testing results - Fast Pentest-Tools.com run through
How to remove false positives from your scan report - run-through with Pentest-Tools.com
How to perform authenticated website scans with Pentest-Tools.com
How to generate editable pentest reports with Pentest-Tools.com
How to add findings manually to your penetration testing results generated by Pentest-Tools.com

Pentest-Tools.com Integrations

Pentest-Tools.com Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesGlobal
Supported LanguagesEnglish
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(2)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Users have found value in utilizing Pentest-Tools.com for identifying risks on websites and finding solutions to resolve these issues. The platform is primarily used for verifying known vulnerabilities and conducting reconnaissance checks. Users appreciate that Pentest-Tools.com operates on the cloud, eliminating the need for computing resources on their endpoints. The automation and extensive library of PenTests provided by the platform are highly valued by users as it allows for quick deployment and automation of security tools, improving vulnerability analysis and exploitation. Clients have reported that Pentest-Tools.com has significantly enhanced their SDLC workflow by streamlining the DAST process. Users rely on the platform's on-demand scans, asset discovery, and automated pen-testing capabilities. They also benefit from the convenience of the quick login and start feature which enables them to begin a PenTest in just 3 minutes. The Drupal-specific scans offered by Pentest-Tools.com are particularly relevant for certain companies. Additionally, users appreciate the platform's excellent reconnaissance information, external scans, and easy-to-use dashboard. For SMBs aiming to meet SOC II Type II compliance requirements, Pentest-Tools.com proves to be a useful tool. It has also been instrumental in tightening web asset security for clients, providing detailed reports for vulnerability detection, and saving time and money by avoiding third-party developers. Furthermore, users rely on the product to determine services with vulnerabilities, prioritize actions, and send necessary corrections. Pentest-Tools.com allows for rapid deployment and automation of security tools, improving vulnerability analysis and exploitation. It helps in identifying vulnerabilities, providing information for remediation, detecting problems with content management systems and server software to mitigate potential damages if exploited. The tool is appreciated for its ability to find vulnerabilities in ASP.NET web applications that other tools may miss as well as its accuracy in carrying out vulnerability assessments for clients. Users also rely on the platform to quickly scan and close open ports on firewalls. With its cost-effective solution, Pentest-Tools.com offers continuous scanning of systems, identifying vulnerabilities early on and enabling improvements in software security. By checking their own sites for flaws and contacting vendors for fixes, users rely on the platform to address any issues with their websites or servers. The platform provides fast testing results, multiple scans, and comprehensive recommendations which is highly appreciated by users. Customers have praised the password auditor feature of Pentest-Tools.com as it helps assess the strength of passwords and identify potential weaknesses. Organizations have used Pentest-Tools.com to assess the security of their systems and identify potential weaknesses that could be exploited by malicious hackers. Customers have found value in setting up automated alerts through Pentest-Tools.com, allowing them to be notified when any security issues arise, providing them with situational awareness at all times. The use of Pentest-Tools.com has helped organizations protect their assets and sensitive information from cyber attacks, as well as ensure compliance with relevant regulations and standards. With its automation and organization features, Pentest-Tools.com resolves issues related to disorganized environments, hardware requirements, and lack of tool knowledge. Users rely on the platform for cost-effective pentesting and peace of mind when it comes to passing client-mandated tests. It allows for automatic scanning of deployments, keeping customers protected and identifying the latest vulnerabilities. Compared to external agencies, users appreciate the transparency and cost-effectiveness of Pentest-Tools.com. Additionally, the tool has been praised for its ability to fix major issues in servers and websites quickly. Users also rely on the platform to check their own sites for flaws and contact vendors for fixes before production, thanks to its quick testing capabilities. Overall, users appreciate the convenience, multiple scans, and recommendations provided by Pentest-Tools.com as it helps them identify vulnerabilities early on and take necessary action to secure their systems effectively.

Valuable Testing and Security Auditing Tools: Several users have found Pentest-Tools.com to be a standout platform with valuable testing and security auditing tools for identifying potential threats and vulnerabilities. They appreciate the significant growth in the platform's capabilities and toolset over the years, reflecting Pentest-Tools.com's commitment to remaining at the forefront of the cybersecurity field.

Ease of Use and Simplicity: Many reviewers have praised the ease of use and simplicity of Pentest-Tools.com. They find it simple, fast, and robust, making it easy to launch and use for scanning and monitoring attack surfaces. Users rely on it for regular vulnerability scanning and application security testing, particularly appreciating its ability to schedule scans, generate compliant reports, and provide timely updates through informative emails.

Excellent Support: A number of users have commended Pentest-Tools.com for providing excellent technical support. They value its low-cost alternative to mainstream platforms as well as its easy integration with on-prem environments via VPN connectors. Additionally, users appreciate having all their PenTests in one place with easy management features and a great dashboard. The flexibility of establishing routine tests with granular controls is also highly regarded along with practical reporting tools offered by the platform.

Difficult to Understand: Some users have found Pentest-Tools.com challenging to understand without extensive research, especially for new or inexperienced users. They suggest an improved onboarding process to help users get up to speed quickly.

Minor GUI Adjustments Needed: Users have mentioned several minor GUI adjustments that could be made, such as clearly listing the group that assets are assigned to in the results section, implementing a dropdown menu for selecting and displaying dashboard visuals, and fixing a bug where only the first asset in a list is scanned.

Lack of Scan Logging Functionality: Some users feel that there is a lack of scan logging functionality to investigate scan failures and have suggested adding this feature.

Users commonly recommend the following: spend time experimenting with options on a site you own to understand the depth of capability of this platform, try the trial version of this software as it is a good, easy-to-use service with lots of options, and it is relatively inexpensive compared to others and is frequently updated with new features. Additionally, users suggest checking out the customer references to validate their legitimacy before making a decision, although some express concern about their data leaving the US.

Overall, users find this software user-friendly and accessible. It is worth the annual subscription and the team at Pentest-Tools.com is praised for their responsiveness and dedication to ensuring a good experience. Users also recommend taking advantage of the available training resources to get up to speed quickly. Additionally, users suggest deciding on requirements before selecting a solution.

Reviews

(1-1 of 1)
Companies can't remove reviews or game the system. Here's why
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Pentest-Tools.com is a website that provides a range of online tools and services for pentesting, or ethical hacking. These tools are designed to help identify and address vulnerabilities in computer systems and networks. In our organization, Pentest-Tools.com is used to assess the security of the company's systems and identify potential weaknesses that could be exploited by malicious hackers. This helps us protect our assets and sensitive information from cyber attacks, and also helps ensure compliance with relevant regulations and standards. In particular, we like to utilise this product for it's website/port scanners, and it's password auditor, since these allow us to set up automated alerts when something has gone awry, giving us situational awareness at all times.
  • Cheaper than some other platforms
  • Good support
  • Cloud based
  • Integrates well with identity providers
  • No logging for things like scanning. This means you don't actually know when the scan has failed if you're not immediately on the ball.
  • Reports could look better. It would be good to be able to customise the report with some different styles to suit your company's branding.
  • Could have better tutorials.
  • It may be useful to have a feature similar to Microsoft Secure Score, which compares your organisation to similar ones, so that you have a reference of how secure your environment actually is.
This website is well suited for organisations that perform regular security assessments. In particular, external scans and reconnaissance. As an example, I am able to run a report on our Wordpress website to enable me to see whether we are missing any important security updates.

We found it to be very useful for training new security analysts, due to the straightforward GUI. You can work on the same projects together to help you to do this. Having it laid out in front of them helps them to understand the concepts much easier than using dozens of different tools to achieve the same goals, and also speeds up training.

If you're a personal user it may not be appropriate due to price. If you are a personal user, I would advise using the many open source tools there are that do the same things. The strength of this platform is that it combines them into a single pane of glass, but you can achieve the same things with other tools if necessary. For example, there are many other tools that you could use to run a UDP port scan that do not cost money (EG NMAP).
  • Attack surface view allows you to see the multiple different scanners in one place, giving you an overview of that targets complete security picture.
  • Cloud based. This is really important because tools like this need to be easily accessible for ease of use. Ideally you don't want to have to access a dedicated device every time you want to run a report, because it can be a real pain to do so whilst you are on the go.
  • Quick and easy to generate reports. This was useful to sell internally when we wanted to purchase the tool, and I imagine it would be useful for MSSP's as well, as the ability to quickly spin up a report for exactly what you need immediately is an impressive thing to do. You can edit the report before generating it so that it suits your needs, only including the information that is relevant.
  • White label features for the reporting
  • Price point allows us to sell the solution at an excellent margin
  • Freed up time due to the automated solutions, allowing us to utilise staff better
  • Use from anywhere due to being cloud based
Offers a great number of tools in one interface, giving you a single pane of glass to work from. Therefore, it's favourable compared to some of these other products, that do similar things but are less intuitive and less easy to use. This makes it not only easier to use, but easier to report results to your customers.

Also, although the price point can seem high, once you start adding multiple paid tools that do the same job, there probably isn't a massive amount of difference (if any).
Yes
We were using some free solutions to test our external vulnerability - EG free wordpress scanners, NMAP, Shodan. When we wanted to increase our security awareness without expending a lot of extra time, this tool was the preferred offering.
  • Product Usability
Usability was most important because we don't have many greatly experienced security analysts, so this product is a great way to save money on salaries and also save the time that would otherwise be spent constantly browsing through the different tools. For me this is the part of the product that justifies the reasonably high price. However, it would still be good if they offered things like student discount pricing, or a personal solution, since this price point is effectively gatekeeping users from their product.

It is not unreasonable to suggest that it is in their business interests to do so, since people that are learning to be security researchers/pen testers are likely to use the tools that they first learn on. Also, encouraging the development of the security community means that there will be more IT security users around, and more users = more revenue.
I wasn't involved with the selection process, although I did have limited input to the evaluation process. We looked at multiple different products in the industry and we adjudged that this product was the one that suited our particular needs the best. We had trials for each particular product and ran them alongside to see which fared better in the real world. The only thing I can say here is that we probably could have run the products for longer to give a better idea of how they would fare over the long term, although this hasn't ultimately proven to be much of a problem for us.
Return to navigation