OWASP Penetration Testing Kit

https://pentestkit.co.uk/

4,8(

26 notas

)

ExtensãoFerramentas para desenvolvedores20.000 usuários

Mídia 5 (captura de tela) para OWASP Penetration Testing Kit

Mídia 6 (captura de tela) para OWASP Penetration Testing Kit

Mídia 2 (captura de tela) para OWASP Penetration Testing Kit

Mídia 3 (captura de tela) para OWASP Penetration Testing Kit

Mídia 4 (captura de tela) para OWASP Penetration Testing Kit

Visão geral

OWASP Penetration Testing Kit

The OWASP Penetration Testing Kit (PTK) browser extension is your all-in-one solution for streamlining your daily AppSec tasks. Whether you’re a penetration tester, a Red Team member, or an AppSec practitioner, OWASP PTK enhances your efficiency and provides deep insights into your target application. Key Features: Runtime Scanning (DAST & IAST & SAST & SCA): Perform Dynamic Application Security Testing, Static Analysis, In-Browser IAST and Software Composition Analysis on the fly. Identify SQL injection, command injection, reflected/stored XSS, SQL auth bypass, XPath injections, JWT attacks, and other complex threats. Static Analysis (SAST): PTK automatically parses loaded JavaScript, HTML, and CSS right in your browser—before any code ever runs. It flags unsafe patterns like `eval()`, `innerHTML`/`outerHTML` injection, insecure cryptographic calls, missing input sanitization, and common anti-patterns. In-Browser IAST (Interactive Application Security Testing): PTK’s built-in IAST engine instruments your app at runtime—right in the browser—tracking taint flows and code execution to flag vulnerabilities as they occur. Catch issues like DOM-based XSS, unsafe `eval`/`innerHTML` usage, open-redirects, and more without leaving your dev tools. JWT Inspector: Analyze, craft, and tamper with JSON Web Tokens. Generate keys, test null signatures, brute-force HMAC secrets, and inject malicious `jwk`, `jku`, or `kid` parameters. Insightful Application Info: One-click visibility into tech stacks, WAFs, security headers, crawled links, and authentication flows. Built-in Proxy & Traffic Log: Capture all HTTP(S) traffic, replay requests in R-Builder, and automate XSS, SQLi, and OS command injection. R-Builder for Request Tampering & Smuggling: Craft and manipulate HTTP requests, including complex request-smuggling techniques. Now with cURL import/export. Cookie Management: Add, edit, remove, block, protect, export, and import cookies from a powerful in-browser editor. Decoder/Encoder Utility: Instantly convert between UTF-8, Base64, MD5, URL-encode/decode, and more formats. Swagger.IO Integration: Browse and interact with API endpoints directly from your Swagger documentation. Selenium Integration: Shift left security by running automated Selenium tests with built-in vulnerability checks. Enhance your AppSec practice with PTK—the extension that makes your browser smarter and your testing faster. Install today and start uncovering vulnerabilities in real time!

4,8 de 5
26 notas
Saiba mais sobre resultados e avaliações.

Detalhes

Versão
9.8.0
Atualização
1 de abril de 2026
Sinalizar problema
Tamanho
8.79MiB
Idiomas
English (United Kingdom)
Desenvolvedor
Website
E-mail
denis.podgurskiy@gmail.com
Não negociante
Esse desenvolvedor não se identificou como comerciante. Caso você seja da União Europeia, observe que os direitos do consumidor não se aplicam a contratos firmados entre você e esse desenvolvedor.

Privacidade

Gerencie extensões e saiba como elas estão sendo usadas na sua organização

OWASP Penetration Testing Kit divulgou as informações a seguir sobre a coleta e o uso dos seus dados. Para mais detalhes, consulte estas informações do desenvolvedor: privacy policy.