Features
List of the main features of the Penterep platform that will make your work as easy and efficient as possible
With the Penterep platform, multiple pentesters can collaborate simultaneously to run a test. Each of them always has an up-to-date overview of which tests have already been executed and which are still waiting to be completed. Besides testers, you can also assign managers, staff in charge of corrective action or target clients to the team.
With the Penterep platform, you can create work teams consisting not only of pentesters but also of developers, network administrators, managers or customer representatives. They are notified of all new findings and can comment on them, or they can directly fix the reported bugs and return them to pentesters for retesting.
With the Penterep platform, you'll have everything in one place. The tool makes it easy to record any deficiencies found, add notes or save attachments that may become part of the final report. You won't need several different tools anymore and you'll have your projects neatly and efficiently arranged and organized.
With the Penterep platform, you can create a final report with a single click. The platform generates a penetration testing report fully automatically using the texts you entered for each finding during the testing. For each vulnerability included, a severity rating using the selected standard (e.g. CVSS) is indicated, along with a detailed description, CVE number and remediation recommendation. All relevant attachments are also automatically added to the report.
With the Penterep tool, penetration testing can be done by virtually anyone. The tool guides you through each checklist step by step so that you don't miss any important test cases. For each case, you have a procedure available on how to perform the test and what follow-up steps to take.
With the Penterep platform, you can easily edit final report templates. This makes it easy to create reports that will contain exactly the information you deem important and that correspond visually with your company's graphic manual.
With the Penterep platform you have an instant overview of the execution status of each pentest. You can track their progress and compliance with deadlines in real time. You can also access various statistics with an overview of the findings and their severity.
With the Penterep platform, you can easily monitor the performance of individual staff members. The platform will provide you with statistics on the number of test cases performed by the worker or the number of findings made by them.
With the Penterep platform, you can easily test network infrastructure, application servers, network services, web or mobile applications, SEO and more. The checklists are fully interactive and correspond to well-known standards such as OWASP ASVS, OWASP MASVS, NIST, etc. At your wish, we can also prepare customized checklists for you to test whatever you want.
Our supplied modules can be customized to your needs, or you can easily create your own entirely new modules. This means you can compile your own checklists to test, for example, your company's internal processes or any products from your manufacturing lines.
One of the key advantages of the Penterep platform is the combined integration of automated and manual testing. This will make your work as efficient as possible and get the job done much better and even more cost effectively. In the case of automated testing, the tests would be performed quickly and cheaply, but unfortunately would not be comprehensive enough and not all vulnerabilities would be detected. On the other hand with manual testing, the tests would be time-consuming and expensive, and it would rest heavily on the tester’s expertise as to how complete they would be. Our platform combines the best of both these types of testing.
Thanks to detailed checklists and detailed guides on how to perform each test, less experienced staff members are educated as they work. This makes it easy to involve even novice, less experienced testers in testing, who will thus be able to run the tests without the need of supervision by experienced staff. After completing a few projects, these workers will be able to test professionally without having to consult manuals. The platform thus can save you considerable funds that otherwise would have to go to staff training.
With the Penterep platform you can effectively save your money. By using it, you will be as efficient as possible, and you will be able to employ even less experienced, novice testers with no need for supervision by more experienced staff while working. As Penterep educates employees at the same time while they work, you will also save money on training courses and workshops. You get insight into the performance of individual workers and replace many different tools with one single tool.
With the Penterep platform, you can quickly and easily estimate the time required for new projects. After a thorough scan of the target environment, the tool will provide you with an estimate of the number of tests that will need to be performed manually and the time required to do the tests. Making quotes and planning becomes a breeze for you.
You can easily link the Penterep platform via API with a variety of external tools. The import option allows you to load into the platform for example data from other security scanning tools and so aggregate it. Or you can also create your own wrappers to run any program whose outputs are automatically logged in the Penterep platform.
Verifying your deployed fixes is a breeze with Penterep. By simply changing the status of individual findings, the baton can be passed between testers and developers until the issue is effectively resolved. The saved history, notes and discussions make it easy to take on a retest even after a longer period of time, or to pass it on to another worker with peace of mind.
The comprehensive knowledge base contains not only the checklists themselves and detailed guides for implementing each test, but also thoroughly described vulnerabilities, including their impact, manifestations, severities, remediation recommendations and references to relevant sources of information, including links to CVE and CWE databases. The knowledge base also has descriptions of attacks that can exploit the vulnerabilities. You can use the comprised information in the actual testing or include it in reports.
I want to learn more about the content of the knowledge base
The Penterep platform is localized into Czech, English and German. You will find localized texts not only in the platform environment itself, but also throughout our entire knowledge base, which contains descriptions of tests, vulnerabilities and attacks. Thanks to these language versions, you can include in your teams members speaking different languages, who credit to the platform will have no problem effectively working together.
With the Penterep platform, you won't be limited to only testing targets on the public Internet. Thanks to the high level of scalability, you can easily test even internal networks or devices, services and applications running on these closed networks.
