Sold by: Pentest-Tools.com
AWS Free Tier
Run penetration tests inside your AWS Cloud using our powerful suite of vulnerability assessment and penetration testing (VAPT) tools.
Sold by: Pentest-Tools.com
Overview
The VPN Agent is a stepping stone appliance that allows our cloud-based tools to securely access your private AWS Cloud Infrastructure.
Using this setup, you can run all tools from Pentest-Tools.com against your internal cloud network and perform full penetration tests and vulnerability assessments in minutes.
Highlights
- Discover missing security patches and outdated network services.
- Detect open ports that expose critical business assets and get the full picture of your Cloud Infrastructure's Attack Surface.
- Find high-risk vulnerabilities and weak credentials that allow privilege escalation or access to sensitive information.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Ubuntu 22.04 LTS
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed outside of AWS Marketplace through an external billing relationship between you and the vendor. You activate the product by supplying an existing license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. Subscriptions have no end date and may be cancelled any time. However, the cancellation won't affect the status of an active license if it was purchased outside of AWS Marketplace.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Type | Cost |
|---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
Pentest-Tools.com guarantees money back for all plans purchased from our website. Please check our full refund policy here: https://support.pentest-tools.com/account-and-billing/request-refund
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Several improvements and bug fixes
Additional details
Usage instructions
Please check our detailed step-by-step article on how to integrate Pentest-Tools.com into AWS: https://support.pentest-tools.com/vpn-profiles/aws-cloud-vpn-agent
Other relevant resources about Pentest-Tools.com: https://pentest-tools.com/features/internal-network-scanning https://pentest-tools.com/features/attack-surface https://support.pentest-tools.com/vpn-profiles/internal-scan-openvpn https://support.pentest-tools.com/vpn-profiles/internal-network-scan-vpn-agent
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Vulnerability Scanners for Web Apps and Network
By Pentest-Tools.com
Pentest-Tools.com provides cloud-based vulnerability scanners for web application scanning and infrastructure vulnerability management. No setup required, easy to use interface. A security scanner for both web applications and network security.
Fluid Attacks: Application Security (AppSec) Solution
By Fluid Attacks
Fluid Attacks is an all-in-one application security solution that continuously helps your development team build and deploy secure software without delays. Throughout the entire SDLC of your applications and infrastructures, Fluid Attacks offers fast, deep, and accurate security testing by integrating AI with automatic and manual testing (SAST, DAST, SCA, PTaaS, SCR, and RE). The help in remediating vulnerabilities includes AI-generated code fixes and consulting sessions with Fluid Attacks' hacking team.
Penetration testing for startups
By Blaze Information Security
Whether you are a well-established unicorn or a new player in the startup world, achieve a higher level of security maturity with our penetration testing for startups. Meet compliance with SOC 2, ISO 27001, PCI, GDPR, HIPAA, CCPA, and vendor risk assessment requirements. Prices start at $4,999.
Fintech penetration testing
By Blaze Information Security
Whether you are a well-established fintech unicorn or a new player, achieve a higher security maturity level with our fintech penetration testing services. Meet your compliance requirements with PCI DSS, SOC 2 Type II, ISO 27001, GDPR and vendor security assessments.
Customer reviews
Simon A.
Einfach zu bedienende, übersichtliche Software für Pentests
Reviewed on Jan 27, 2025
Review provided by G2
What do you like best about the product?
Wir überwachen mehrere Server (Debian, ubuntu) auf Netzwerk- und Anwendungsebene. Die Ergebnisse sind schnell verfügbar, präzise und helfen uns, unser Sicherheitsniveau auf einem hohen Level zu halten. Insbesondere im Zuge der laufenden Zertifizierung nach BSI IT-Grundschutz waren die Reports sehr hilfreich. Die Verlinkung von externen Knowledge-Bases bei den Findings sorgt für eine schnelle Verifizierung und weiteres Hintergrundwissen. Der verhältnismäßig niedrige Preis macht das Angebot auch für kleine Unternehmen bezahlbar. Der Support antwortet schnell, als ich ein False-Positive gemeldet habe.
What do you dislike about the product?
Leider kann man Assets (also z.B. eine IP-Adresse) jetzt nicht mehr innerhalb eines Monats durch eine andere ersetzen (bzw. wenn schon ein Scan stattgefunden hat). Ich verstehe es, weil man dadurch das Limit durch Löschen und neu hinzufügen leicht umgehen kann. Dennoch etwas ärgerlich für mich, weil ich eigentlich gerne 6 Ziele überwachen würde.
What problems is the product solving and how is that benefiting you?
Überprüfung unserer eigenen Update-Prozesse und Complinace-Anforderungen
Leave a comment0 comments
Computer & Network Security
Streamlined Offensive Security Testing
Reviewed on Dec 12, 2024
Review provided by G2
What do you like best about the product?
Pentest-Tools.com is a cloud-based toolkit for offensive security testing, focused on web applications and network penetration testing. The platform streamlines the use of 20+ tools that cover everything from recon, vulnerability scanning, and exploit tools through an easy to use, intuitive user interface that anyone with any level of cybersecurity experience can pick up and begin integrating into their operations immediately. That would be my favorite aspect of the platform, its ease of use.
What do you dislike about the product?
Something I didn't like is that without notification, Pentest-Tools modified their "scanned asset" plan limitation, which previously enabled teams to rotate assets as needed to remain under the limit of 500 total assets being managed on the platform, now the limit of total assets appears to be 10,000, which is great, however only under the "Teams" plan, only 500 "new" assets may be added per billing cycle, which could be limiting to teams that begin new engagements that will far exceed the 500 asset limit.
Despite the frustration of this change taking place without notification, Pentest-tools customer support was incredibly responsive and accommodating when we reached out with our concerns, and overall our experience with the pentest-tools support team has been fantastic.
Despite the frustration of this change taking place without notification, Pentest-tools customer support was incredibly responsive and accommodating when we reached out with our concerns, and overall our experience with the pentest-tools support team has been fantastic.
What problems is the product solving and how is that benefiting you?
Pentest-Tools allows team members to quickly integrate themselves into reconnaissance, vulnerability scanning, or other offensive workflows with their intuitive user interface.This drastically reduces the learning curve for new team members. Also, white-labeling features are available for reporting, which like the rest of the platform, is incredibly easy to generate and includes evidence as well as recommended actions to remediate the discovered findings. However, we do wish that there was an "MSSP dashboard" available that offered more granular insights of all specific vulnerability findings across a given environment for reporting purposes. The platform also offers clear documentation that describes exactly what each tool tests for as well as a list of scanner IP addresses for whitelisting during engagements. The documentation has been extremely helpful in creating custom scans that remain within the scope of our engagements. Overall, Pentest-Tools.com helps our team to rapidly conduct offensive security assessments and enhances our ability to deliver high-quality reporting insights and reccomedtions to clients, all while maintaining operational efficiency.
Brenda W.
Simple, highly centralized vulnerability management platform with multiple tools
Reviewed on Nov 22, 2024
Review provided by G2
What do you like best about the product?
We recently started using PenTest-Tools for our vulnerability scanning. This tool combines multiple scanning capabilities into a single platform, allowing us to centralize our vulnerability management process. By consolidating various tools into one, it has become much easier to manage and monitor the overall picture of our vulnerability management efforts. Additionally, PenTest-Tools offers an integration feature with JIRA, which helps us address findings more efficiently. The configuration of the tool is simple and straightforward, and the support team is also very good at providing prompt feedback and solutions.
What do you dislike about the product?
As just started to sue it, couldn't find any drawbacks for now.
What problems is the product solving and how is that benefiting you?
Checking for internal and exposed CVE's on our environment and making sure we review and treat the detected issues properly.
Pirooz A.
Simple, Elegant tool for pen testing ...
Reviewed on Oct 04, 2024
Review provided by G2
What do you like best about the product?
I have been using the tool for over 7 years. The developers of the site, have broken down and simplified the process for our organization. The reporting is straight forward, and always helpful in locking down our systems.
What do you dislike about the product?
There isn't anything to dislike. We would like to see scheduling option for templates that we have developed ourselves.
What problems is the product solving and how is that benefiting you?
For our own peace of mind, we need to know if there are any blindspots, additionally provide reports to our users.
Computer & Network Security
Pentest-Tools saves tons of time with finding vulnerabilities in web applications
Reviewed on Aug 05, 2024
Review provided by G2
What do you like best about the product?
Pentest-Tools makes it easy to perform security assessments of web applications with virtually no setup or infrastructure requirements. They also provide a variety of tools for OSINT gathering and attack surface mapping to help make sure that you're giving customers good coverage of their public-facing attack surface.
What do you dislike about the product?
Their assessment capability for SPA (single page applications) is relatively new so results with modern SPA applications can be hit-or-miss. Also, they do support scanning behind authentication, but they designed it to be very simple and user friendly. For many HTML-based login forms this works fine, and they do allow you to provide cookies or headers to use for other cases but if those don't work, they don't provide much in the way of logging or other tools for customizing the authentication workflow in order to troubleshoot and get it working. Their tech support team has helped in most cases that I've had trouble with, but resolution time may vary if their 'first line of support' can't figure it out.
What problems is the product solving and how is that benefiting you?
Pentest-Tools helps me save time on web application assessments by providing an easy-to-use tool that does a lot of reconaissance, web vulnerability scanning, and information-gathering tasks in fully automated ways.