Pentest-Tools.com helps security professionals find, validate, and communicate vulnerabilities faster and with greater confidence - whether they’re internal teams defending at scale, MSPs juggling clients, or consultants under pressure.

With comprehensive coverage across network, web, API, and cloud assets, and built-in exploit validation, it turns every scan into credible, actionable insight.

Trusted by over 2,000 teams in 119 countries and used in more than 6 million scans annually, it delivers speed, clarity, and control - without bloated stacks or rigid workflows.


Pentest-Tools

We build an offensive security product, so the fair question is whether we run it on ourselves. We do. The scanners and exploit modules you'd use, we point at our own infrastructure and web apps. When a critical CVE drops, our own assets are among the first we test, so detection and validation hold up on us before they ship to you.

The same folks doing that testing are the ones publishing CVE research and breaking down bugs like Log4Shell and SessionReaper on this channel.


We wrote the whole thing down, public, no NDA: pentest-tools.com/legal/trust-and-assurance

8 hours ago | [YT] | 0

Pentest-Tools

CVE-2026-43499 is a use-after-free in the Linux kernel, shipped by default since 2011 and disclosed this week. Any logged-in user gets full root in about five seconds, and the exploit escapes containers.

Daniel Bechenea, security manager at Pentest-Tools.com, told ITPro's Emma Woollacott why this one lands harder than the usual kernel bug:
"An exploit reported at 97% reliable, with public code anyone can run, changes that math."


Patch to a fixed kernel now. Until it reaches every host, treat any code execution on an unpatched box as root and verify the kernel version yourself. Don't assume the April fix propagated.


Full breakdown by Emma Woollacott at ITPro: www.itpro.com/software/linux/cyber-researchers-sou…


#offensivesecurity #penetrationtesting #cybersecurity

15 hours ago | [YT] | 0

Pentest-Tools

Confirming a finding is the good part of the job. When that "maybe" becomes a yes, with PoC and all...

But SOC 2 Type II wants twelve months of those. And most audit gaps aren't weak scanning. They're teams who did the work but can't produce the trail.

Here's where Pentest-Tools.com does the lifting, turning your testing into evidence as you go:

✅ Detection: scheduled scans log every finding timestamped, CVE-tagged, per asset
✅ Validation: the Confirmed label backs findings with request/response data and a PoC
✅ Remediation: retest workflows produce the before-and-after auditors ask for
✅ Proof it held: monitoring between scans, plus audit-ready exports in PDF, DOCX, or JSON

The record assembles itself while you do the part you came for.

Here is the SOC 2 evidence chain: pentest-tools.com/usage/compliance/soc2

1 day ago | [YT] | 2

Pentest-Tools

React2Shell. NGINX Rift. cPanel. ToolShell. Every one of them was a scramble for someone. Which assets does this touch? Is it real? Did we actually close it?

Next week, on Wednesday, Pentest-Tools.com Office Hours is about turning that scramble into a workflow. Jan Pedersen hosts a live walkthrough of emergency CVE response, across two situations: an environment you’ve just inherited and don’t fully know, and one you know well and want reacting to new CVEs for you.

How to find affected assets fast, how to tell a genuine exposure from a version match, and how comparing one scan to the next proves what you actually closed.

30 minutes live. 15 minutes of open Q&A. One session.

Register here: zoom.us/webinar/register/9217815290134/WN_O1WFe8op…

3 days ago | [YT] | 1

Pentest-Tools

Here we go. Product updates - the June edition.

This month your coverage got a LOT wider.

80 new detections landed in the Network Scanner, including pre-auth RCE in Oracle PeopleSoft and an auth bypass in Palo Alto PAN-OS. If any are in your scope, you know where to look.

The rest of June:

🌐 Our research team found two authentication flaws in phpBB, one buried in the code for over a decade. There's a working PoC for each, and the Network Scanner now detects the most critical one - CVE-2026-48611 (9.4).

🤖 AI where it earns its place in the Website Scanner and URL Fuzzer: smarter logins, deeper crawling, fewer fake 200 pages.

🎯 the XSS Exploiter now gives you two delivery options: script tag or fetch plus eval.

🔌 API: a new info_text key on /scans tells you why a scan didn't start.

☁️ We're now on the Microsoft Azure Marketplace, so you can add us to your existing Azure billing.

Our colleague Stefan Perju walks you through all of it in the video.

Until next time: stay sharp. Stay human.

Everything that shipped can be found in the change-log: pentest-tools.com/change-log

The phpBB PoCs and full write-up: pentest-tools.com/research/phpbb-authentication-by…

#offensivesecurity #vulnerabilitymanagement #infosec #penetrationtesting

5 days ago | [YT] | 0

Pentest-Tools

We all watch the patch timer.
When you're still working out what the new CVE actually touches, things can feel slooooow.

Critical CVE drops. What slows your "are we exposed?" answer most?

6 days ago | [YT] | 0

Pentest-Tools

You think it's closed, but it's actually reachable. 😬
That "temporary" firewall rule from your last migration? Probably still open, and better you find it than your auditor does.


Scan your own perimeter from the outside a couple weeks before the audit and see what's really exposed: open TCP and UDP ports, the services behind them, their versions. Close what shouldn't be there, re-scan, confirm it's shut. Then nothing in the audit report is a surprise.


Run it on your own perimeter with our Port Scanner: pentest-tools.com/network-vulnerability-scanning/p…

1 week ago | [YT] | 3

Pentest-Tools

Turns out 210,000+ people didn't have to survive a sales pitch to experience how our product works. They just started using our Free Edition.
That's the whole idea:
✅ Real offsec tools you can use every day (with limits, ofc)
✅ Real vulnerability scans on targets you're cleared to test & monitor
✅ Results you can export as PDF, HTML, CSV, or XLSX
Don't take our word for it. Sign up for free: pentest-tools.com/usage/pricing/free

1 week ago | [YT] | 4

Pentest-Tools

Remember the phpBB authentication bypass our research team found? We said the proof was coming. 💥 It's here.

Two working PoCs, one for each vulnerability, are now live in the research:

👉 PTT-2026-004 (CVE-2026-48611, 9.4): the PoC shows the full path from a single crafted request to a valid admin session. No credentials that work, no prior access, no user interaction. Just the request and the session cookie that _shouldn't_ exist.

👉 PTT-2026-005 (CVE-2026-48612, 8.3): the PoC walks through the silent OAuth account takeover, including the case where the victim only has to load a forum post for the chain to fire.

Talk is cheap in this line of work, so check out both PoCs, plus the mitigation steps: pentest-tools.com/research/phpbb-authentication-by…

1 week ago | [YT] | 0

Pentest-Tools

Halfway through 2026 is a good time to run a diff on your own year.
Back in January you had a plan. Six months of real engagements later, some of it held and some of it you _quietly_ 🫢 rewrote.
So what actually changed in how you work?

1 week ago | [YT] | 0