Turn your browser into a powerful offensive
AppSec tool with OWASP PTK
The PTK is an open source solution designed helps penetration testers, Red/Blue/Purple Teams, and application security practitioners test web applications for security vulnerabilities.
Because it is so easy to install and use, it is also ideal for developers to either quickly test their code, or replicate previously-identified vulnerabilities.
PTK is a cross-browser extension instead of a standalone tool offering a fast and efficient way to test web applications for security vulnerabilities.
PTK handles authentication with normal user sessions—all users have to do is install the extension and start their tests.
Webinar: Discover OWASP PTK
Denis Podgurskii, OWASP PTK author & accomplished application security expert.
45 Minute Duration. Multiple dates to choose from.
How PTK does Reconnaissance,
About powerful utilities including:
Macro & Traffic recording
CryptoES based Decoder
Swagger 2.0 & OpenAPI 3.0 support
Live demo featuring JWT “None” algorithm attack in action and more.
Most up-to-date OWASP Top 10 2021 mapping to "CWE/SANS TOP 25 Most Dangerous Software Errors"and MITRE "2021 CWE Top 25 Most Dangerous Software Weaknesses".