OWASP Penetration Testing Kit

Penetration Testing Kit Logo

OWASP Incubator License

The PTK is a cross-browser extension that helps penetration testers, Red/Blue/Purple Teams, or application security practitioners make their day-to-day jobs much easier.

Based on the Wappalyzer NPM module the PTK provides a piece of insightful information about a technology stack, security headers, crawled links, and domains. A detailed traffic log allows a user to repeat a request in the R-Builder or send for attacking to the R-Attacker and execute XSS, SQL, or OS Command injections on any particular request.

Macro and traffic recording, bootstrap authentication to bypass MFA/Captcha, Swagger Editor, and much more like JSON Web Token attacks.




MS Edge

Documentation / How To


Youtube channel

Youtube channel


Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.