What do you like best about the product?

Pentest-Tools makes it easy to perform security assessments of web applications with virtually no setup or infrastructure requirements. They also provide a variety of tools for OSINT gathering and attack surface mapping to help make sure that you're giving customers good coverage of their public-facing attack surface.

What do you dislike about the product?

Their assessment capability for SPA (single page applications) is relatively new so results with modern SPA applications can be hit-or-miss. Also, they do support scanning behind authentication, but they designed it to be very simple and user friendly. For many HTML-based login forms this works fine, and they do allow you to provide cookies or headers to use for other cases but if those don't work, they don't provide much in the way of logging or other tools for customizing the authentication workflow in order to troubleshoot and get it working. Their tech support team has helped in most cases that I've had trouble with, but resolution time may vary if their 'first line of support' can't figure it out.

What problems is the product solving and how is that benefiting you?

Pentest-Tools helps me save time on web application assessments by providing an easy-to-use tool that does a lot of reconaissance, web vulnerability scanning, and information-gathering tasks in fully automated ways.