OWASP Penetration Testing Kit

▶

OWASP PTK: All-In-One Pen Testing Browser Extension

The 'OWASP Penetration Testing Kit' is a comprehensive Chrome extension tailored for security professionals. It integrates DAST, SCA, and JWT inspection into your browser for enhanced testing efficiency. Discover vulnerabilities right from your browser, craft HTTP requests with R-Builder, analyze security with JWT Inspector, manage cookies, and encode or decode data. Additionally, PTK's traffic log proxy and integrations with Swagger.IO and Selenium facilitate a more robust security workflow.

Download

Extension stats

By: https://pentestkit.co.uk

Users: 20,000+

Rating: 4.81

(43)

Version: 8.9.3 (Last updated: 2024-05-06)

Creation date: 2020-06-26

Permissions:

activeTab
cookies
notifications
storage
unlimitedStorage
tabs
webRequest
background
debugger
scripting

Host permissions:

<all_urls>
*://*/*

Size: 7.49M

Email: de*****@gmail.com

URLs: Website ,Privacy policy

Full description: See detailed description

Ranking

# 6,102 ▲ 55

Other rankings

#2734 in Developer Tools ▲ 9

#27 in testing keyword 25

#39 in inject keyword 38

#78 in security keyword 87 ▲ 3

#91 in algorithm keyword 37 ▲ 1

Upgrade to see more rankings

Other platforms

Not available on Android

OWASP Penetration Testing Kit (v8.9.2)

1,875+ 4.71

(14)

OWASP Penetration Testing Kit (v8.9.3)

6,454+ 4.80

(24)

User reviews

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.

Pros

User-friendly tools for modified requests (Request Builder)
Effective JWT Inspector for securing token-based authentication
Request Attacker is efficient in finding XSS and SQL Injection vulnerabilities
SCA scan with reporting provides comprehensive insights for enhanced security
Overall positive experience and satisfaction with the extension

Cons

Does not work on Arc browser

Most mentioned

Request Builder
JWT Inspector
Request Attacker
SCA scan with reporting
Overall excellent functionality and user experience

User reviews

Works on Chrome and other Chrome-based browsers. Sadly, won't work on Arc browser :(

Dan Cristino, 2024-08-31

Helpful stuff thanks!

Przemysław Samsel, 2024-04-13

Wonderful extension

gideon adavize, 2024-01-26

View all user reviews

Extension safety

Risk impact

OWASP Penetration Testing Kit requires a lot of sensitive permissions. Exercise caution before installing.

Risk impact analysis details

Critical Allows for debugging of other web apps and extensions, which can intersect with sensitive information and security boundaries.
Critical ****** ****** ** ******* ***** ***** *** ** **** ** ***** **** ******** ****** *** ******** ********** * ******* ********
Critical ****** ****** ** *** ********* ****** * *********** ******** **** ** ** *** ******* *** ****** **** **** *** ******* *****
High ******* ******* **** *** ****** ***** *** ***** ** ******* **** ********* ********* ** * *********** *****
Medium ******* ******* ************* ***** *** ** ******* *** **** ******* ****** ******** *******
Low ******* ****** ** *** ********* ********

Risk likelihood

We don't have sufficient data to confidently determine the risk likelihood of OWASP Penetration Testing Kit. Use it at your own risk.

Risk likelihood analysis details

High This extension publisher URL may be invalid
High **** ********* ******* *** *** ** *******
High **** ********* ******* ****** *** *** ** *******
High **** ********* *** *** **** ****** ********* ********** *** *** ** ****** ** *****
Low **** ********* *** ******* **** **** * ****** **** ***** ******** *** **** ****** ** ** ****** *** *****
Low **** ********* *** ***** **** **** * ****** **** ***** ********** *** **** ****** ** ** ****** *** *****
Good **** ********* *** **** **** *******