Focus on what matters

Features that help you manage and deliver your pentesting better

Plan, Perform and Track

Pentest as a Project

  1. Request or Create Project

    Approve a project request from client or create a project

  2. Invite Your Project Team

    Bring stakeholders together and assign them appropriate access

  3. Complete Test Cases

    Demonstrate testing progress by performing test cases

  4. Add Vulnerabilities

    Import or create vulnerabilities while leveraging centralized writeups and tool integrations

  5. Instant Reports

    Generate reports on demand built on your reporting needs

Product Dashboard

Dashboard

A single view into your testing progress with quick navigation and actions

Daily Tracking

Daily summary of vulnerabilities discovered and test cases actioned

Workspace

All your notes, files and testing logs in one place

Custom Fields

Define and capture information using custom fields with configurable access controls

Retesting Flows

Request and perform retesting rounds on every project

Notifications

Opt into project updates or use powerful rules-based email notifications

Reporting Options

Generate reports on demand. Control reports for all stakeholders

Scheduling

User availability and project calendar views to help plan your testing

Integrations, Executive Overview, Project Logs and many more features

Optimized for Pentesters

Complete Vulnerability Workflows

Writeups

Save effort and achieve consistency by creating vulnerabilities using centralized and cutomizable writeup libraries.

writeup

Attack Chains

Demonstrate attacks from a hackers perspective. Map attack chains to MITRE ATT&CK framework and include them in your reports.

attackchain

Import Vulnerabilities

Import vulnerabilities from popular tools such as Nessus, Burp Suite, Qualys, and more - or use the APIs.

App screenshotApp screenshot

more

Export Vulnerabilities

Export vulnerabilities to your enterprise ecosystem and ticketing tools, including JIRA, ServiceNow, Azure DevOps and more.

JIRAServiceNow

more

Remediation Plans

Acknowledge and plan for remediation of every vulnerability. Track remediation progress against plans. Know when vulnerabilities are closed or fixed.

SLAs

Automatically assign remediation SLAs for every vulnerability, using configurable rules which match your policies.

sla

Review Workflows

Efficient workflows to review and QA vulnerabilities with your teams.

review

Customizable Vulnerability Form

Capture and display information that you want how you want.

Custom Fields with extensive field types
Access Controls
Hide Sections and Fields using custom logic
API Support
Available in Reports

Bulk Actions, Streamlined Reviews, Import Parser Actions, Custom Tags, and many more features

On Demand Reports with ReportGen

Highly Customizable Reports

  1. Create New Template or Adapt Your Own

    Easy to follow documentation to create DOCX basedtemplates or use one of many example templates available

  2. Test Template Using ReportGen

    Use ReportGen to test your template with your project data

  3. Upload Template

    Upload multiple templates with configurable access controls

  4. Generate Reports on Demand

    Easily download multiple report types on demand

reportgen

Everything you need for a professional looking report - out of the box!

Tags

Functions

Filters

Conditions

Tables

Charts

Reduce Rework. Improve Quality.

Centralized Libraries

Writeups

Speak a unified vulnerability language with your teams and customers. Reduce time & effort on review cycles. Bring vulnerabilites immediately to development teams and engineers.

writeups

Test Cases

Loaded with industry benchmarks from OWASP, NIST, PCI, OSSTMM and others. Enforce how you want it tested, every time. Bring consistency to your testing process and keep your auditors happy.

testcase

Assets

Centralized tracking and management of assets. Complete visibility and accountability. Capture detailed information and categorization for your assets. Load assets from external systems.

asset

Know Your Security Posture

Track and Compare

  1. Track Vulnerabilities across Organization or Business Units
  2. Compare Trends against time periods
  3. Track Vulnerabilities by SLAs
  4. Measure your Mean-Time-To-Remediate (MTTR)
  5. Top 10 Vulnerable Assets
  6. Executive Line Reporting
  7. much more
Dynamic form shortening

Track and Manage BAU Testing

Program Level Reporting

Work Streams help you to consolidate all of your related testing activities for an application, platform, business group and more - into a single Portfolio.

Work Streams can help you track all tests by time periods, regulatory requirements, classifications and more. Understand where to focus your time and resources more effectively.

Portfolios

Automate Workflows

Self Service APIs

Easily automate workflows using our Self-Service APIs. Perfect for customizations and integrations into your ecosystem.

  1. 100+ REST API Endpoints
  2. Event-driven APIs for realtime updates
  3. OpenAPI v3 compliant documentation
  4. Enterprise-ready access controls
SSAPI

Adapt The Tool To Work For You

Advanced Customizations

AttackForge is the most configurable Pentest Management Platform available. Switch workflows on and off. Adjust features to match how you want to work. Customize the application to your style.

  • Whitelabelling
  • Custom Colours
  • Custom Fields
  • Custom Forms
  • Table View
  • Dark Mode
  • Rule Based SLAs
  • Import Mapping
  • Report Access
  • Notifications
  • Email Templates
  • Rule Based Emails
  • Daily/Weekly Updates
  • Delegations
  • many more

Ready to test the product?

Get your own dedicated tenant with a custom domain deployed in under 2 minutes.

App screenshot