Pentest-Tools.com Reviews & Product Details

Pentest-Tools.com has been a big part of our journey toward being fully ISO 27001 and GDPR audit-ready. The platform made vulnerability management much easier for us — from early discovery to detailed remediation reports that our auditors could directly reference. It saved us a lot of manual work and gave us a consistent, reliable way to demonstrate our security posture. Their support team deserves special credit, especially Victor, who has always been extremely responsive and patient whenever we needed clarification or extra help. It’s rare to find this level of personal support these days.

I use Pentest-Tools.com on a monthly basis, and we have automated scans running across our key assets. It was surprisingly easy to set up assets, schedule recurring scans, and get valuable, audit-ready reports without needing extra manual effort. The results are reliable, easy to interpret, and have become part of our regular security rhythm. Overall, it’s a dependable platform backed by a team that genuinely cares about helping customers stay secure and compliant. Review collected by and hosted on G2.com.

If there’s one thing I’d change, it would be the user interface and navigation. While the tools themselves are excellent, the UX could be more intuitive when switching between scans, assets, and reports. I’d also love to see more integrations with GRC platforms, not just Vanta, so the results can fit more naturally into different compliance ecosystems. Adding some AI-assisted features for prioritizing vulnerabilities or generating remediation summaries would also make it even more powerful. Review collected by and hosted on G2.com.

It just works. The platform combines everything we need for pentesting (recon, scanning, exploit checks, reporting). No more switching between different tools. The interface is clear and easy to use. Reports look professional. Good to share without extra work.

Scheduling scans saves a lot of time, and support is quick and helpful. Review collected by and hosted on G2.com.

The pricing feels high, especially if you have many assets or a small team. For complex web apps, some findings need extra manual work before they’re useful for developers. Nothing critical, but it can be annoying. Review collected by and hosted on G2.com.

The Vulnerability assessment tool use lot of database to identify vulnerabilities with ease and the sniper tool is just one of the best tool to automate the exploitation process making our penetration testing project easy. The auto generated report provide detail overwiew of the client netwok making it easy to understand the weakness and recommendation to stregthen the security. Review collected by and hosted on G2.com.

The tool is great and the support is amazing nothing i can complain of as for now Review collected by and hosted on G2.com.

We monitor multiple servers (Debian, Ubuntu) at the network and application level. The results are quickly available, precise, and help us maintain our security level at a high standard. Particularly in the course of the ongoing certification according to BSI IT-Grundschutz, the reports were very helpful. The linking of external knowledge bases in the findings ensures quick verification and additional background knowledge. The relatively low price makes the offer affordable even for small businesses. The support responded quickly when I reported a false positive. Review collected by and hosted on G2.com.

Unfortunately, you can no longer replace assets (such as an IP address) within a month with another one (or if a scan has already taken place). I understand it, because this way you can easily bypass the limit by deleting and re-adding. Still, it's a bit annoying for me because I would actually like to monitor 6 targets. Review collected by and hosted on G2.com.

The Pentest-tools.com platform allows us create multiple test vectors for our customers so they can get an external and internal perspective of their vulnerabilities especially for web applications. We like the speed and performance of the tool. Support has also been great and responds in a timely fashion. Review collected by and hosted on G2.com.

The plans have some caveats and limitations you need to pay attention to. Review collected by and hosted on G2.com.

Pentest-Tools.com is a cloud-based toolkit for offensive security testing, focused on web applications and network penetration testing. The platform streamlines the use of 20+ tools that cover everything from recon, vulnerability scanning, and exploit tools through an easy to use, intuitive user interface that anyone with any level of cybersecurity experience can pick up and begin integrating into their operations immediately. That would be my favorite aspect of the platform, its ease of use. Review collected by and hosted on G2.com.

Something I didn't like is that without notification, Pentest-Tools modified their "scanned asset" plan limitation, which previously enabled teams to rotate assets as needed to remain under the limit of 500 total assets being managed on the platform, now the limit of total assets appears to be 10,000, which is great, however only under the "Teams" plan, only 500 "new" assets may be added per billing cycle, which could be limiting to teams that begin new engagements that will far exceed the 500 asset limit.

Despite the frustration of this change taking place without notification, Pentest-tools customer support was incredibly responsive and accommodating when we reached out with our concerns, and overall our experience with the pentest-tools support team has been fantastic. Review collected by and hosted on G2.com.

We recently started using PenTest-Tools for our vulnerability scanning. This tool combines multiple scanning capabilities into a single platform, allowing us to centralize our vulnerability management process. By consolidating various tools into one, it has become much easier to manage and monitor the overall picture of our vulnerability management efforts. Additionally, PenTest-Tools offers an integration feature with JIRA, which helps us address findings more efficiently. The configuration of the tool is simple and straightforward, and the support team is also very good at providing prompt feedback and solutions. Review collected by and hosted on G2.com.

As just started to sue it, couldn't find any drawbacks for now. Review collected by and hosted on G2.com.

Pentest tools provides a wide array of automated white-hat hacking tests, for all kinds of exploits. VPN setup to test inside your environment is pretty easy, and stable. It provides us with a very good overview of any internal or exposed vulernabilties, and allows us to close those holes before a hackker finds them. We run pentest tools the first weekend after every site update/upgrade just to be certain all is well.

Their Support is also very good. I have had to use them a couple of times, and they prioritize issues well, and get to a good resolutions quickly, without a lot of the "please try these common things" time wasting approach. Review collected by and hosted on G2.com.

Very few downsides. Internal scans can impact your servers performance, so we attempt to schedule these during low usage periods. Otherwise I cannot find many faults. Review collected by and hosted on G2.com.

Pentest-Tools makes it easy to perform security assessments of web applications with virtually no setup or infrastructure requirements. They also provide a variety of tools for OSINT gathering and attack surface mapping to help make sure that you're giving customers good coverage of their public-facing attack surface. Review collected by and hosted on G2.com.

Their assessment capability for SPA (single page applications) is relatively new so results with modern SPA applications can be hit-or-miss. Also, they do support scanning behind authentication, but they designed it to be very simple and user friendly. For many HTML-based login forms this works fine, and they do allow you to provide cookies or headers to use for other cases but if those don't work, they don't provide much in the way of logging or other tools for customizing the authentication workflow in order to troubleshoot and get it working. Their tech support team has helped in most cases that I've had trouble with, but resolution time may vary if their 'first line of support' can't figure it out. Review collected by and hosted on G2.com.

I like that this site allows me to do PenTesting of all my websites and get information pretty quickly, which would typically take multiple hours to get using manual scans and other pen-testing tools. I could soon get a detailed view of the current attack surface of my company's websites and could quickly tell what was exposed to the internet. Not only was it able to find vulnerabilities, but it also guided remediation. This is an excellent addition to anyone's cybersecurity toolbox!

This tool provided such good information that it quickly became a part of my weekly cyber scans. I could quickly implement it into my daily schedule and use the scans to supplement my other cybersecurity tools with an easy integration. Review collected by and hosted on G2.com.

The only thing I dislike is that I wish I could have had more websites available for the free version; maybe instead of limiting the website, limit functionality, as I think it would have given me more reasons to get the paid version! Review collected by and hosted on G2.com.