Pentest-Tools.com VPN agent (internal scanning) logo

    Pentest-Tools.com VPN agent (internal scanning)

    Securely scan internal and private networks in your Azure Cloud with the Pentest-Tools.com VPN Agent for comprehensive vulnerability assessments and penetration tests.

    Ratings and reviews

    4.8
    102 ratings
    3 star
    2 star
    1 star
    85%
    15%
    0%
    0%
    0%
    0 AWS reviews
    |
    102 external reviews
    External reviews are from G2  and PeerSpot .

    Filters

    Review type

    AWS Marketplace reviews
    External reviews
    Reviews (102)
    Insurance

    Cost-Effective, Accurate, and Fast—Easy Setup and Smooth Integrations

    Reviewed on Jul 02, 2026
    Review provided by G2
    What do you like best about the product?
    Great tool—cost-effective and accurate, and the speed is a nice bonus as well. It’s easy to find what you need and set up a test. The integrations are simple to set up and maintain, and the onboarding process was straightforward.
    What do you dislike about the product?
    I don’t have any dislikes. Everything works exactly as described, and I haven’t run into any issues so far.
    What problems is the product solving and how is that benefiting you?
    We needed a cost-effective way to monitor our code environment and stay on top of threats and emerging exploits, and this helped us do that.
    SangramGupta

    Platform has strengthened attack surface visibility and vulnerability validation but needs better remediation tracking

    Reviewed on Jun 12, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Pentest-Tools.com is primarily utilizing the tool for vulnerability assessment, external attack surface analysis, and security validation activities. The platform is useful for my project for quickly identifying security weaknesses in internal-facing, internet-facing, and externally-facing assets and supporting pen testing workflows without any kind of extensive setup or infrastructure.

    The types of assets I am focusing on are both internal assets and external assets. For internal assets, I have used vulnerability management solutions, carried out vulnerability assessments, and gathered vulnerability details so that I can prioritize the vulnerabilities. For external assets or internet-facing assets, the criticalities of the vulnerabilities are very severe, and that is why a pen test is required to showcase the exploitation of the vulnerabilities and also to create a pen test report, which demonstrates how external attacks can happen on those assets. For that purpose, I have used Pentest-Tools.com.

    Apart from vulnerability assessments, I also focus on network security validation, web application security testing, and reconnaissance and asset discovery, which have all been accomplished using that tool.

    What is most valuable?

    The best features that Pentest-Tools.com offers include vulnerability scanning, which I have used extensively. The platform provides scanning using useful templates for all assets, whether internal or external-facing. Additionally, it can deliver external attack surface visibility, allowing me to get proper visibility of the assets and identify potential exposures of risks in the external attack surface. Furthermore, I have included some web applications in my project scope, and the platform offers useful web application testing capabilities that can help identify common application security weaknesses and follow the OWASP Top 10 to identify vulnerabilities and weaknesses, which are the primary use cases I have utilized in my project using that tool.

    Pentest-Tools.com has positively impacted my organization in two significant ways. First, asset discovery and reconnaissance help provide all of the weaknesses and data of the applications under CMDB, as well as the state of the applications or servers in scope, which is very useful when preparing a plan for a vulnerability assessment. Second, exposure management or external attack surface management is valuable for external assets or internet-facing assets, helping gather all the vulnerabilities and weak points while providing a comprehensive report that assists the remediation team in acting on the vulnerabilities as soon as possible.

    What needs improvement?

    Pentest-Tools.com could improve in a couple of areas. First, the reporting flexibility could be enhanced. Second, there should be additional automation for remediation tracking since it currently lacks automation for this, requiring me to track remediations manually using the reports. Third, deeper integration with vulnerability management workflows could be beneficial, as I should have more options for integrating the tool with other security pen testing or application scanning tools.

    Regarding Pentest-Tools.com's AI capabilities, I believe there should be proper boundaries managed by their team in terms of governance and security, especially when the tool provides false positive vulnerabilities. These should also be detected on the governance side and resolved within the tool rather than manually, indicating an area for improvement in governance and compliance.

    In terms of the accuracy and reliability of Pentest-Tools.com's AI-generated output, I feel it can provide comprehensive output and reports. However, as it is AI-generated, the pentester or user should thoroughly check and validate the output before presenting it to stakeholders or the remediation team.

    For how long have I used the solution?

    I have used Pentest-Tools.com for almost one year for an offensive security project.

    What do I think about the stability of the solution?

    In my experience, Pentest-Tools.com is quite stable, and I have had a good experience using the tool without any significant downtime or reliability issues.

    What do I think about the scalability of the solution?

    Pentest-Tools.com's scalability is impressive. It has handled more than 50,000 assets effectively, and although I am unsure how it will perform with an asset count exceeding 100,000 or 200,000, my experience indicates that it is quite good and scalable.

    How are customer service and support?

    I have not worked on the implementation side of Pentest-Tools.com, but I have contributed from the operations perspective. Regarding customer support, I have reached out to them for assistance with some false positive issues, and they have been very cooperative and supportive in resolving those issues, indicating a good and helpful customer support experience.

    Which solution did I use previously and why did I switch?

    I have used many solutions for various project engagements, including Qualys, Tenable, Rapid7, and InsightVM, but I have not changed anything. The decision to adopt Pentest-Tools.com was based on customer requirements, leading to the implementation of this tool in my project.

    Which other solutions did I evaluate?

    I have not evaluated any other options before choosing Pentest-Tools.com, as it was the client's expectation for me to adopt this tool.

    What other advice do I have?

    My advice for others considering Pentest-Tools.com is that if you are working in vulnerability management or any kind of offensive security project with numerous internet-facing applications alongside internal applications, and you want to highlight the risks in real-time, you can adopt this tool to protect your organization and focus on managing the risks effectively. I would rate Pentest-Tools.com a seven out of ten based on my experience with various vulnerability solutions. I choose a seven because Pentest-Tools.com is pretty good, but there are some flaws, such as the integration issues and the lack of automation for remediation tracking, which lead me to reduce three points from a perfect score of ten.

    Vivek B.

    Easy to Use, Powerful Reporting Tool

    Reviewed on Nov 05, 2025
    Review provided by G2
    What do you like best about the product?
    I have been using Pentest-Tools.com for 1.5 years and find it immensely valuable for conducting penetration tests to identify system vulnerabilities and understand the mitigation processes. The tool efficiently provides comprehensive reports on all detected vulnerabilities in the system and environment, which aids in compliance with standard processes like ISO. I appreciate its straightforward process, making management easy even for someone who isn't a DevOps professional. Among its features, the website vulnerability scanner and network scan tools stand out due to their user-friendly, automated nature and the clarity of the reports they produce. Additionally, the dashboards and scheduling features are commendable for their ease of use. The initial setup was quite easy, which is a significant advantage. Overall, I rate it a 9 out of 10 on the likelihood of recommending it to others.
    What do you dislike about the product?
    I find that the scan test reports with Pentest-Tools.com sometimes take longer than expected, which can be a bit of a hassle when trying to work efficiently. Additionally, the lack of report customization is a drawback, as I am unable to edit reports, include or exclude specific findings, or apply whitelabeling and branding. Custom templates are also not available, which limits the flexibility and personalization of the reports.
    What problems is the product solving and how is that benefiting you?
    I use Pentest-Tools.com to identify vulnerabilities and ensure compliance with standards like ISO, benefiting from its ease of use, clear reports, and automated scanning features.
    Omar B.

    why i would recommend pen-test tools.com to small teams

    Reviewed on Oct 09, 2025
    Review provided by G2
    What do you like best about the product?
    Pentest-Tools.com has been a big part of our journey toward being fully ISO 27001 and GDPR audit-ready. The platform made vulnerability management much easier for us — from early discovery to detailed remediation reports that our auditors could directly reference. It saved us a lot of manual work and gave us a consistent, reliable way to demonstrate our security posture. Their support team deserves special credit, especially Victor, who has always been extremely responsive and patient whenever we needed clarification or extra help. It’s rare to find this level of personal support these days.

    I use Pentest-Tools.com on a monthly basis, and we have automated scans running across our key assets. It was surprisingly easy to set up assets, schedule recurring scans, and get valuable, audit-ready reports without needing extra manual effort. The results are reliable, easy to interpret, and have become part of our regular security rhythm. Overall, it’s a dependable platform backed by a team that genuinely cares about helping customers stay secure and compliant.
    What do you dislike about the product?
    If there’s one thing I’d change, it would be the user interface and navigation. While the tools themselves are excellent, the UX could be more intuitive when switching between scans, assets, and reports. I’d also love to see more integrations with GRC platforms, not just Vanta, so the results can fit more naturally into different compliance ecosystems. Adding some AI-assisted features for prioritizing vulnerabilities or generating remediation summaries would also make it even more powerful.
    What problems is the product solving and how is that benefiting you?
    We manage a high volume of RFPs and security questionnaires, many of which require current vulnerability scan reports as part of the due diligence process. Pentest-Tools.com has significantly streamlined this aspect of our workflow. It allows us to quickly produce reliable, professional reports that satisfy both client and auditor requirements, eliminating the need to perform manual scans for each request. The ability to schedule automated, recurring scans across our environments keeps our data consistently up to date. This not only supports our ISO 27001 and GDPR compliance efforts but also enables us to respond more rapidly to partner security assessments. As a result, it has become an essential tool for maintaining transparency and trust in all our engagements.
    Jasper S.

    Great tool with wide range of capabilities

    Reviewed on Sep 16, 2025
    Review provided by G2
    What do you like best about the product?
    It just works. The platform combines everything we need for pentesting (recon, scanning, exploit checks, reporting). No more switching between different tools. The interface is clear and easy to use. Reports look professional. Good to share without extra work.

    Scheduling scans saves a lot of time, and support is quick and helpful.
    What do you dislike about the product?
    The pricing feels high, especially if you have many assets or a small team. For complex web apps, some findings need extra manual work before they’re useful for developers. Nothing critical, but it can be annoying.
    What problems is the product solving and how is that benefiting you?
    It saves us a lot of time by automating vulnerability scans and reporting. Before we used multiple tools..that was time consuming.
    Tim M.

    Great service and support

    Reviewed on Jun 02, 2025
    Review provided by G2
    What do you like best about the product?
    The Pentest-tools.com platform allows us create multiple test vectors for our customers so they can get an external and internal perspective of their vulnerabilities especially for web applications. We like the speed and performance of the tool. Support has also been great and responds in a timely fashion.
    What do you dislike about the product?
    The plans have some caveats and limitations you need to pay attention to.
    What problems is the product solving and how is that benefiting you?
    The platform allows us to offer vulnerability scanning services, DAST and a "light" automated pen-test.
    Simon A.

    Easy-to-use, clear software for pentests

    Reviewed on Jan 27, 2025
    Review provided by G2
    What do you like best about the product?
    We monitor multiple servers (Debian, Ubuntu) at the network and application level. The results are quickly available, precise, and help us maintain our security level at a high standard. Particularly in the course of the ongoing certification according to BSI IT-Grundschutz, the reports were very helpful. The linking of external knowledge bases in the findings ensures quick verification and additional background knowledge. The relatively low price makes the offer affordable even for small businesses. The support responded quickly when I reported a false positive.
    What do you dislike about the product?
    Unfortunately, you can no longer replace assets (such as an IP address) within a month with another one (or if a scan has already taken place). I understand it, because this way you can easily bypass the limit by deleting and re-adding. Still, it's a bit annoying for me because I would actually like to monitor 6 targets.
    What problems is the product solving and how is that benefiting you?
    Review our own update processes and compliance requirements
    Computer & Network Security

    Streamlined Offensive Security Testing

    Reviewed on Dec 12, 2024
    Review provided by G2
    What do you like best about the product?
    Pentest-Tools.com is a cloud-based toolkit for offensive security testing, focused on web applications and network penetration testing. The platform streamlines the use of 20+ tools that cover everything from recon, vulnerability scanning, and exploit tools through an easy to use, intuitive user interface that anyone with any level of cybersecurity experience can pick up and begin integrating into their operations immediately. That would be my favorite aspect of the platform, its ease of use.
    What do you dislike about the product?
    Something I didn't like is that without notification, Pentest-Tools modified their "scanned asset" plan limitation, which previously enabled teams to rotate assets as needed to remain under the limit of 500 total assets being managed on the platform, now the limit of total assets appears to be 10,000, which is great, however only under the "Teams" plan, only 500 "new" assets may be added per billing cycle, which could be limiting to teams that begin new engagements that will far exceed the 500 asset limit.

    Despite the frustration of this change taking place without notification, Pentest-tools customer support was incredibly responsive and accommodating when we reached out with our concerns, and overall our experience with the pentest-tools support team has been fantastic.
    What problems is the product solving and how is that benefiting you?
    Pentest-Tools allows team members to quickly integrate themselves into reconnaissance, vulnerability scanning, or other offensive workflows with their intuitive user interface.This drastically reduces the learning curve for new team members. Also, white-labeling features are available for reporting, which like the rest of the platform, is incredibly easy to generate and includes evidence as well as recommended actions to remediate the discovered findings. However, we do wish that there was an "MSSP dashboard" available that offered more granular insights of all specific vulnerability findings across a given environment for reporting purposes. The platform also offers clear documentation that describes exactly what each tool tests for as well as a list of scanner IP addresses for whitelisting during engagements. The documentation has been extremely helpful in creating custom scans that remain within the scope of our engagements. Overall, Pentest-Tools.com helps our team to rapidly conduct offensive security assessments and enhances our ability to deliver high-quality reporting insights and reccomedtions to clients, all while maintaining operational efficiency.
    Brenda W.

    Simple, highly centralized vulnerability management platform with multiple tools

    Reviewed on Nov 22, 2024
    Review provided by G2
    What do you like best about the product?
    We recently started using PenTest-Tools for our vulnerability scanning. This tool combines multiple scanning capabilities into a single platform, allowing us to centralize our vulnerability management process. By consolidating various tools into one, it has become much easier to manage and monitor the overall picture of our vulnerability management efforts. Additionally, PenTest-Tools offers an integration feature with JIRA, which helps us address findings more efficiently. The configuration of the tool is simple and straightforward, and the support team is also very good at providing prompt feedback and solutions.
    What do you dislike about the product?
    As just started to sue it, couldn't find any drawbacks for now.
    What problems is the product solving and how is that benefiting you?
    Checking for internal and exposed CVE's on our environment and making sure we review and treat the detected issues properly.
    Pirooz A.

    Simple, Elegant tool for pen testing ...

    Reviewed on Oct 04, 2024
    Review provided by G2
    What do you like best about the product?
    I have been using the tool for over 7 years. The developers of the site, have broken down and simplified the process for our organization. The reporting is straight forward, and always helpful in locking down our systems.
    What do you dislike about the product?
    There isn't anything to dislike. We would like to see scheduling option for templates that we have developed ourselves.
    What problems is the product solving and how is that benefiting you?
    For our own peace of mind, we need to know if there are any blindspots, additionally provide reports to our users.