Penetration Testing reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.
Penetration testing tools are used to test vulnerabilities within computer systems and applications. They work by simulating cyberattacks that target known vulnerabilities, as well as general application components, in an attempt to breach core systems. Companies practice penetration tests to uncover new defects and test the security of communication channels and integrations. These tools are related to other application security and vulnerability management solutions, but only these tools specifically perform penetration tests. There are also a number of cybersecurity services providers that provide pentration testing in the form of a managed service.
To qualify for inclusion in the Penetration Testing software category, a product must:
Use the Pentest-Tools.com platform to quickly detect and report vulnerabilities in websites and network infrastructures! ✔ 25+ tightly integrated penetration testing and ethical hacking tools for easier, faster, and more effective engagements ✔ Built for pentesters, sysadmins, web devs, MSPs, business owners, and other professionals seeking to automate and save time ✔ Painless vulnerability management: add manual findings, change risk levels, delete obsolete targets, create and export customiza
Metasploit Pro is a penetration testing tool that increases penetration tester's productivity, prioritizes and demonstrates risk through closed-loop vulnerability validation, and measures security awareness through simulated phishing emails.
Appknox is an on-demand mobile application security platform that helps businesses detect and fix security vulnerabilities using an Automated Security Testing suite. We have been successfully reducing delivery timelines, manpower costs & mitigating security threats for Global Banks and Enterprises in 10 + countries.
Founded in 2009, Netsparker Ltd develops a leading-edge web application security solution. The combination of dead accurate scanning with proprietary automatic exploitation technology brought Netsparker early success, and the company is now a recognized leading player in the web application security industry. Netsparker can identify vulnerabilities in all types of modern web applications, regardless of the underlying architecture or platform. Upon identifying an exploitable vulnerability, the N
Intruder is a cloud-based vulnerability scanner that helps to find weaknesses in your online systems before the hackers do. It saves you time by proactively scanning for new threats as well as offering a unique threat interpretation system that makes vulnerability management easy.
Bugcrowd is the #1 crowdsourced security company. More Fortune 500 organizations trust Bugcrowd to manage their bug bounty, vulnerability disclosure, and next gen pen test programs. Bugcrowd’s award-winning platform, Crowdcontrol, combines actionable, contextual intelligence with the skill and experience of the world’s most elite hackers to help leading organizations solve security challenges, protect customers, and make the digitally connected world a safer place. Bugcrowd Next Gen Pen Test (
Veracode helps companies that innovate through software deliver secure code on time. Unlike on-premise solutions that are hard to scale and focused on finding rather than fixing, Veracode comprises a unique combination of SaaS technology and on-demand expertise that enables DevSecOps through integration with your pipeline,empower developers to fix security defects, and scales your program through best practices to achieve your desired outcomes. Veracode covers your all your AppSec needs in one s
Detectify is the first company of its kind to automate the cutting-edge knowledge of the best ethical hackers in the world to secure public web applications. Users check web applications against 2000+ known vulnerabilities beyond the OWASP Top 10. In a fast-paced tech environment, the potential attack surface increases with each release and new app created. Using Detectify, you can monitor your subdomains for potential takeovers and remediate security issues in staging and production, and find v
Defendify is the only all-in-one SaaS-delivered cybersecurity platform designed specifically for growing businesses. It features 13 cybersecurity tools in 1 easy-to-use SaaS platform with automated program management, risk scoring, alerts, notifications, reports, recommendations, containment, and more. As a single pane of glass, Defendify provides multiple layers of ongoing protection to continuously improve the strength of your security posture against evolving cyber threats.
Test running apps and services for common security weaknesses and vulnerabilities using malformed inputs to detect flaws. Leverage fully automated tests across 250+ test suites, protocol-specific attack patterns and automatic test mutation
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be exploited. The U.S. Department of Defense, General Motors, Google, Twitter, GitHub, Qualcomm, Starbucks, Dropbox, Intel,and over 1,200 other organizations have partnered with HackerOne to resolve over 100,000 vulnerabilities and award over $80M in bug bounties.
Cobalt's Pen Testing as a Service (PTaaS) Platform transforms yesterday’s broken pen test model into a data-driven vulnerability management engine. Fueled by our global talent pool of certified freelancers, Cobalt's crowdsourced SaaS pen test platform delivers actionable results that empower agile teams to pinpoint, track, and remediate software vulnerabilities. Hundreds of organizations now benefit from high quality pen test findings, faster remediation times, and higher ROI for their pen test
Entersoft is a leading application security provider helping organizations worldwide protect their products against malicious threats and compliance concerns. We believe that application security is a journey, not just a goal, and work with business leaders as partners and advisors to safeguard their applications with an integrated, proactive and forward-thinking approach.
Dynamic Application Security Testing for DevOps Frequent changes to applications, whether built by in-house DevOps teams or outsourced from commercial suppliers, means risk evaluation must shift towards continuous testing. Our Dynamic Application Security Testing (DAST) solution, provides critical assessments during the SDLC rapidly and efficiently with quick-and-easy configuration assessments. With an accessible REST API, Selenium integration, and automated reporting, Scale is designed to del
Cobalt Strike is a penetration testing solution that enables companies to emulate the tactics and techniques of a cyberthief in an IT network to highlight weaknesses. Cobalt Strike gives you a post-exploitation agent and covert channels to emulate a quiet long-term embedded actor in your customer's network. Malleable C2 lets you change your network indicators to look like different malware each time
Core Impact is an easy-to-use penetration testing tool with commercially developed and tested exploits that enables security teams to exploit security weaknesses, increase productivity, and improve efficiencies. Core Impact gives you visibility into the effectiveness of your defenses and reveals where your most pressing risks exist in your environment. This enables you to assess your organization’s ability to detect, prevent, and respond to real-world, multi-staged threats against your infrastr
GamaShield a cutting-edge virtual hacker technology to identify and eradicate dangerous malware threats and website application vulnerabilities, a pre-breach tool designed to detect and prevent cyber attacks. GamaSec provides a portfolio of services including web vulnerability scanning, daily malware detection, blacklist monitoring and application Firewall (WAF) with DDoS detection. This combination of a proprietary security platform and industry knowhow enables GamaSec to deliver industry-lead
MaxPatrol is an all-in-one vulnerability management solution designed to provide vulnerability and compliance management for applications, databases, network and operating systems, as well as ERP (SAP), ICS/SCADA, Core Telecom and Banking infrastructure.
Established in 2015 with offices in Israel, Boston, London and Zurich, Pcysys delivers an automated network penetration testing platform that assesses and helps reduce corporate cybersecurity risks. Hundreds of security professionals and service providers around the world use Pcysys to perform continuous, machine-based penetration tests that improve their immunity against cyber-attacks across their organizational networks. With close to 100 enterprise global customers across all industries, Pcys