Comprehensive Browser Extension for Application Security
The Penetration Testing Kit (PTK) is a powerful browser extension designed for professionals in application security, including penetration testers and Red Team members. This subscription-based tool streamlines various security tasks directly within Firefox, featuring in-browser runtime scanning capabilities that cover Dynamic Application Security Testing (DAST) and Software Composition Analysis (SCA). Users can detect a wide range of vulnerabilities, including SQL injections, XSS attacks, and complex threats like SQL Authentication Bypass and JWT attacks.
In addition to its scanning features, PTK includes tools such as the JWT Inspector for analyzing JSON Web Tokens, a proxy with a detailed traffic log for request manipulation, and R-Builder for crafting and tampering with HTTP requests. The extension also offers cookie management and a decoder/encoder utility for various formats. With integrations for Swagger.IO and Selenium, PTK enhances security practices from development to deployment.