OWASP Penetration Testing Kit

OWASP Penetration Testing Kit is a Chrome extension developed by pentestkit.co.uk. According to the data from Chrome web store, current version of OWASP Penetration Testing Kit is 8.3.3, updated on 2023-03-17.
10,000+ users have installed this extension. 14 users have rated this extension with an average rating of .
developer website: pentestkit.co.uk

OWASP Penetration Testing Kit

Penetration Testing Kit browser extension allows you to simplify your day-to-day job in application security.

In-browser runtime DAST and SCA scanning to find SQL Injections, Command Line Injections, Stored and Reflected XSS vulnerabilities, and even more like SQL Auth Bypass, XPath injections, or JWT attacks.

One-click access to insightful information about technology stack, WAFs, security headers, crawled links, and authentication flow.

Proxy with a detailed traffic log that allows you to repeat any request in the R-Builder or send it to the R-Attacker and execute XSS, SQL, or OS Command injections automatically.

Craft your own request in R-Builder or run a DAST scan using R-Attacker while browsing an application and check for SQL Injection or XSS right in the browser.

SCA scan that helps you to identify any javascript well-known vulnerabilities, aka CVE.

Cookie editor allows to manage cookies and you can add, edit or remove cookies. And even more - you can create rules to block or protect cookies or export cookies and then import them again.

Decoder/Encoder utility to manage encoding and decoding from and to UTF-8, Base64, MD5, and more.

Integrated Swagger.IO to help you understand API documentation better and create any requests to its endpoints.

With Selenium integration, this extension can help you to identify security risks at the very beginning of your development cycle.

Are you a penetration tester or a member of a Red Team or an application security practitioner? Need a security insight on an application? Try the PTK - an extension that makes your browser smarter.