Sold by: Pentest-Tools.comÂ
Deployed on AWS
AWS Free Tier
Securely scan internal and private networks in your Azure Cloud with the Pentest-Tools.com VPN Agent for comprehensive vulnerability assessments and penetration tests.
Overview
PentestTools.com helps security professionals find, validate, and communicate vulnerabilities faster and with greater confidence whether they are internal teams defending at scale, MSPs juggling clients, or consultants under pressure.
With comprehensive coverage across network, web, API, and cloud assets, and builtin exploit validation, it turns every scan into credible, actionable insight.
Trusted by over 2,000 teams in 119 countries and used in more than 6 million overall scans and 650,000 internal scans annually, it delivers speed, clarity, and control without bloated stacks or rigid workflows.
PentestTools.com VPN agent (internal scanning)
The VPN Agent enables our cloud based product to securely access your private Azure infrastructure so you can run internal vulnerability scans and penetration tests in minutes. No need to deploy and maintain complex on premise scanners.
Key Benefits
- Complete visibility: Extend your vulnerability assessments beyond the perimeter to cover internal servers, endpoints, and services in Azure.
- Secure by design: All scans are tunneled through the VPN Agent with no inbound firewall changes required.
- Unified view: Run the same PentestTools.com tools for both external and internal testing, managed from a single interface.
- Fast deployment: Launch in minutes and start scanning immediately, without manual setup.
Features
- Discover missing security patches and outdated network services across internal hosts.
- Detect open ports and misconfigured services that expose critical business assets.
- Find high risk vulnerabilities, weak credentials, and privilege escalation paths.
- Combine internal and external scans for a complete view of your attack surface.
- Integrate results via API for automation and reporting.
Highlights
- Complete visibility: Extend your vulnerability assessments beyond the perimeter to cover internal servers, endpoints, and services in Azure.
- Secure by design: All scans are tunneled through the VPN Agent with no inbound firewall changes required.
- Unified view: Run the same Pentest-Tools.com tools for both external and internal testing, managed from a single interface.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Ubuntu 22.04 LTS
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
Pentest-Tools.com guarantees money back for all plans purchased from our website. Please check our full refund policy here: https://support.pentest-tools.com/account-and-billing/request-refundÂ
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Several improvements and bug fixes
Additional details
Usage instructions
Please check our detailed step-by-step article on how to integrate Pentest-Tools.com into AWS: https://support.pentest-tools.com/vpn-profiles/aws-cloud-vpn-agentÂ
Other relevant resources about Pentest-Tools.com: https://pentest-tools.com/features/internal-network-scanning https://pentest-tools.com/features/attack-surface https://support.pentest-tools.com/vpn-profiles/internal-scan-openvpn https://support.pentest-tools.com/vpn-profiles/internal-network-scan-vpn-agentÂ
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
HackerOne
By HackerOne
HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024.
Fluid Attacks: Application Security (AppSec) Solution
By Fluid Attacks
Fluid Attacks is an all-in-one application security solution that continuously helps your development team build and deploy secure software without delays. Throughout the entire SDLC of your applications and infrastructures, Fluid Attacks offers fast, deep, and accurate security testing by integrating AI with automatic and manual testing (SAST, DAST, SCA, PTaaS, SCR, and RE). The help in remediating vulnerabilities includes AI-generated code fixes and consulting sessions with Fluid Attacks' hacking team.
Penetration testing for startups | Pentest for startups
By Blaze Information Security
Whether you are a well-established unicorn or a new player in the startup world, achieve a higher level of security maturity with our penetration testing for startups. Meet compliance with SOC 2, ISO 27001, PCI, GDPR, HIPAA, CCPA, and vendor risk assessment requirements. Prices start at $4,999.
Fintech penetration testing | Fintech pentest
By Blaze Information Security
Whether you are a well-established fintech unicorn or a new player, achieve a higher security maturity level with our fintech penetration testing services. Meet your compliance requirements with PCI DSS, SOC 2 Type II, ISO 27001, GDPR and vendor security assessments.
Customer reviews
0 ratings
0 AWS reviews
|
99 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Omar B.
why i would recommend pen-test tools.com to small teams
Reviewed on Oct 09, 2025
Review provided by G2
What do you like best about the product?
Pentest-Tools.com has been a big part of our journey toward being fully ISO 27001 and GDPR audit-ready. The platform made vulnerability management much easier for us — from early discovery to detailed remediation reports that our auditors could directly reference. It saved us a lot of manual work and gave us a consistent, reliable way to demonstrate our security posture. Their support team deserves special credit, especially Victor, who has always been extremely responsive and patient whenever we needed clarification or extra help. It’s rare to find this level of personal support these days.
I use Pentest-Tools.com on a monthly basis, and we have automated scans running across our key assets. It was surprisingly easy to set up assets, schedule recurring scans, and get valuable, audit-ready reports without needing extra manual effort. The results are reliable, easy to interpret, and have become part of our regular security rhythm. Overall, it’s a dependable platform backed by a team that genuinely cares about helping customers stay secure and compliant.
I use Pentest-Tools.com on a monthly basis, and we have automated scans running across our key assets. It was surprisingly easy to set up assets, schedule recurring scans, and get valuable, audit-ready reports without needing extra manual effort. The results are reliable, easy to interpret, and have become part of our regular security rhythm. Overall, it’s a dependable platform backed by a team that genuinely cares about helping customers stay secure and compliant.
What do you dislike about the product?
If there’s one thing I’d change, it would be the user interface and navigation. While the tools themselves are excellent, the UX could be more intuitive when switching between scans, assets, and reports. I’d also love to see more integrations with GRC platforms, not just Vanta, so the results can fit more naturally into different compliance ecosystems. Adding some AI-assisted features for prioritizing vulnerabilities or generating remediation summaries would also make it even more powerful.
What problems is the product solving and how is that benefiting you?
We manage a high volume of RFPs and security questionnaires, many of which require current vulnerability scan reports as part of the due diligence process. Pentest-Tools.com has significantly streamlined this aspect of our workflow. It allows us to quickly produce reliable, professional reports that satisfy both client and auditor requirements, eliminating the need to perform manual scans for each request. The ability to schedule automated, recurring scans across our environments keeps our data consistently up to date. This not only supports our ISO 27001 and GDPR compliance efforts but also enables us to respond more rapidly to partner security assessments. As a result, it has become an essential tool for maintaining transparency and trust in all our engagements.
Jasper S.
Great tool with wide range of capabilities
Reviewed on Sep 16, 2025
Review provided by G2
What do you like best about the product?
It just works. The platform combines everything we need for pentesting (recon, scanning, exploit checks, reporting). No more switching between different tools. The interface is clear and easy to use. Reports look professional. Good to share without extra work.
Scheduling scans saves a lot of time, and support is quick and helpful.
Scheduling scans saves a lot of time, and support is quick and helpful.
What do you dislike about the product?
The pricing feels high, especially if you have many assets or a small team. For complex web apps, some findings need extra manual work before they’re useful for developers. Nothing critical, but it can be annoying.
What problems is the product solving and how is that benefiting you?
It saves us a lot of time by automating vulnerability scans and reporting. Before we used multiple tools..that was time consuming.
Tim M.
Great service and support
Reviewed on Jun 02, 2025
Review provided by G2
What do you like best about the product?
The Pentest-tools.com platform allows us create multiple test vectors for our customers so they can get an external and internal perspective of their vulnerabilities especially for web applications. We like the speed and performance of the tool. Support has also been great and responds in a timely fashion.
What do you dislike about the product?
The plans have some caveats and limitations you need to pay attention to.
What problems is the product solving and how is that benefiting you?
The platform allows us to offer vulnerability scanning services, DAST and a "light" automated pen-test.
Simon A.
Easy-to-use, clear software for pentests
Reviewed on Jan 27, 2025
Review provided by G2
What do you like best about the product?
We monitor multiple servers (Debian, Ubuntu) at the network and application level. The results are quickly available, precise, and help us maintain our security level at a high standard. Particularly in the course of the ongoing certification according to BSI IT-Grundschutz, the reports were very helpful. The linking of external knowledge bases in the findings ensures quick verification and additional background knowledge. The relatively low price makes the offer affordable even for small businesses. The support responded quickly when I reported a false positive.
What do you dislike about the product?
Unfortunately, you can no longer replace assets (such as an IP address) within a month with another one (or if a scan has already taken place). I understand it, because this way you can easily bypass the limit by deleting and re-adding. Still, it's a bit annoying for me because I would actually like to monitor 6 targets.
What problems is the product solving and how is that benefiting you?
Review our own update processes and compliance requirements
Computer & Network Security
Streamlined Offensive Security Testing
Reviewed on Dec 12, 2024
Review provided by G2
What do you like best about the product?
Pentest-Tools.com is a cloud-based toolkit for offensive security testing, focused on web applications and network penetration testing. The platform streamlines the use of 20+ tools that cover everything from recon, vulnerability scanning, and exploit tools through an easy to use, intuitive user interface that anyone with any level of cybersecurity experience can pick up and begin integrating into their operations immediately. That would be my favorite aspect of the platform, its ease of use.
What do you dislike about the product?
Something I didn't like is that without notification, Pentest-Tools modified their "scanned asset" plan limitation, which previously enabled teams to rotate assets as needed to remain under the limit of 500 total assets being managed on the platform, now the limit of total assets appears to be 10,000, which is great, however only under the "Teams" plan, only 500 "new" assets may be added per billing cycle, which could be limiting to teams that begin new engagements that will far exceed the 500 asset limit.
Despite the frustration of this change taking place without notification, Pentest-tools customer support was incredibly responsive and accommodating when we reached out with our concerns, and overall our experience with the pentest-tools support team has been fantastic.
Despite the frustration of this change taking place without notification, Pentest-tools customer support was incredibly responsive and accommodating when we reached out with our concerns, and overall our experience with the pentest-tools support team has been fantastic.
What problems is the product solving and how is that benefiting you?
Pentest-Tools allows team members to quickly integrate themselves into reconnaissance, vulnerability scanning, or other offensive workflows with their intuitive user interface.This drastically reduces the learning curve for new team members. Also, white-labeling features are available for reporting, which like the rest of the platform, is incredibly easy to generate and includes evidence as well as recommended actions to remediate the discovered findings. However, we do wish that there was an "MSSP dashboard" available that offered more granular insights of all specific vulnerability findings across a given environment for reporting purposes. The platform also offers clear documentation that describes exactly what each tool tests for as well as a list of scanner IP addresses for whitelisting during engagements. The documentation has been extremely helpful in creating custom scans that remain within the scope of our engagements. Overall, Pentest-Tools.com helps our team to rapidly conduct offensive security assessments and enhances our ability to deliver high-quality reporting insights and reccomedtions to clients, all while maintaining operational efficiency.