
Turn your browser into a powerful offensive
AppSec tool with


The PTK is an open source solution designed to help penetration testers, Red/Blue/Purple Teams, and application security practitioners test web applications for security vulnerabilities.

Because it is so easy to install and use, it is also ideal for developers to either quickly test their code, or replicate previously-identified vulnerabilities. 

PTK is a cross-browser extension rather than a standalone tool, offering a fast and efficient way to test web applications for security vulnerabilities.


PTK makes it easy to get detailed information about a web app, to execute modified HTTP requests without JavaScript validation, and to record request sequences with HAR file output.


PTK handles authentication with normal user sessions—all users have to do is install the extension and start their tests.

This True Positives webinar extends from our firm's close affiliation with the OWASP Penetration Testing Kit (PTK), an Incubator Project of the OWASP Foundation (see full article).

Webinar: Discover OWASP PTK


Denis Podgurskii, OWASP PTK author & accomplished application security expert.

45 Minute Duration. Multiple dates to choose from.


How PTK does Reconnaissance, Weaponization, Exploitation, and Attacks.


About powerful utilities including:

Macro & Traffic recording

CryptoES based Decoder

Swagger 2.0 & OpenAPI 3.0 support


Live demo featuring JWT “None” algorithm attack in action and more.

What's New

Most up-to-date OWASP Top 10 2021 mapping to "CWE/SANS TOP 25 Most Dangerous Software Errors" and MITRE "2021 CWE Top 25 Most Dangerous Software Weaknesses".
