Top Free Penetration Testing Software

Acunetix leads the market in automatic web security testing technology that accurately scans and audits all web applications, including HTML5, JavaScript and Single Page applications (SPAs). It offers a cost-effective entry into the web scanning market with a simple, scalable, and high availability solution, without compromising quality. Acunetix can report on a wide range of web vulnerabilities, including SQLi and XSS and provides the only technology on the market that can automatically detec

LA

Acunetix Online Network Security Scanner is one of the best automated web and web application able to use both developers, pen testers and auditors... Read review

AA

I like each and every feature of the Acunetix in Acunetix user can easily initiate a web application scan by just entering an IP address or URL or... Read review

Metasploit Pro is a penetration testing tool that increases penetration tester's productivity, prioritizes and demonstrates risk through closed-loop vulnerability validation, and measures security awareness through simulated phishing emails.

Appknox is an on-demand mobile application security platform that helps businesses detect and fix security vulnerabilities using an Automated Security Testing suite. We have been successfully reducing delivery timelines, manpower costs & mitigating security threats for Global Banks and Enterprises in 10 + countries.

PV

They were very professional - gave us time-lines beforehand, and stuck to them. Communication was clear and crisp Their team is very knowledgeable,... Read review

Intruder is a cloud-based vulnerability scanner that helps to find weaknesses in your online systems before the hackers do. It saves you time by proactively scanning for new threats as well as offering a unique threat interpretation system that makes vulnerability management easy.

MR

Cyber security is so important - we provide a payments platform, we couldn't do it without knowing our customers were secure using it. Intruder is... Read review

JD

Intruder is simple to set up and use. It allows me to implement, and change, blogs, active websites and web services without worrying that I've... Read review

Detectify is the first company of its kind to automate the cutting-edge knowledge of the best ethical hackers in the world to secure public web applications. Users check web applications against 2000+ known vulnerabilities beyond the OWASP Top 10. In a fast-paced tech environment, the potential attack surface increases with each release and new app created. Using Detectify, you can monitor your subdomains for potential takeovers and remediate security issues in staging and production, and find v

AG

Ease of use, knowledge from a lot of security experts in one place and savings Read review

EC

Simple to use interface and the reports that I can send to my customers to show the ground we've covered from a vulnerability perspective Read review

Defendify streamlines cybersecurity for non-enterprise organizations with limited security resources through an easy-to-use, all-in-one platform designed to continuously strengthen cybersecurity posture across people, process, and technology.

MS

The Defendify platform helped us create a standard Technology and Data Use Policy document, which we incorporated into our new hire onboarding... Read review

EC

The great thing is that this is a low-cost, vulnerability scanning engine perfectly sized for SMB without the huge overhead of some of the bigger... Read review

Core Impact is an easy-to-use penetration testing tool with commercially developed and tested exploits that enables security teams to exploit security weaknesses, increase productivity, and improve efficiencies. Core Impact gives you visibility into the effectiveness of your defenses and reveals where your most pressing risks exist in your environment. This enables you to assess your organization’s ability to detect, prevent, and respond to real-world, multi-staged threats against your infrastr

ImmuniWeb® AI Platform illuminates your external attack surface and Dark Web exposure for well-informed, risk-based, and DevSecOps-enabled application penetration testing.

OS

Try to prioritize your application risk with ImmuniWeb Discovery and then understand what you need to do. Read review

Nipper discovers vulnerabilities in firewalls, switches and routers, automatically prioritizing risks to your organization. Our virtual modelling reduces false positives and identifies exact fixes to help you stay secure and compliant Analyzing the configurations and interactions of your network infrastructure with the expertize of a skilled penetration tester – Nipper’s unrivaled accuracy can save Network Administrators up to 3 hours per audit, per device. Instead of spending time investigatin

FB

The software does a great job creating an effective report that dives into security flaws with a network configuration. The ability for it to... Read review