Welcome to AttackForge

Workflow Management Made Easy

AttackForge® is a suite of penetration testing workflow management & productivity tools, saving time & money on managing pentesting projects and programs.
AttackForge reduces vulnerability remediation times and increases go-to-market speed.

Save Time

High-quality customizable reports, on-demand and at the click of a button.

Save Effort

Integrated, Centralized & Rich Write-ups Library. Stop re-inventing the wheel.

Save Money

Tools and workflows to reduce pentest overheads and costs by up to 40%.

Slash Remediation Times

From pentester to developer in near real-time. Raise issues fast, fix even faster.

Go-To-Market Faster

Avoid burning time and money waiting for reports. Get ready for Go-Live instead!

Clearer View

See your organistion's vulnerable areas. Know your real weaknesses.

Trust Is Everything.

AttackForge Is Trusted Around The World. Across All Industries & Verticals.

partner 1 partner 2 partner 3 partner 4 partner 5 partner 16 partner 19 partner 12 partner 7 partner 8 partner 9 partner 11 partner 13 partner 17 partner 18 partner 20 partner 21 partner 22 partner 23 partner 24
Enterprise has proven itself as a powerful tool in the Pen Testing practice

Leveraging the power of AFE, our penetration testers are able to easily collaborate on projects, identify application and infrastructure related vulnerabilities, and provide rapid updates to our customers.

Leveraging the power of AFE, our penetration testers are able to easily collaborate on projects, identify application and infrastructure related vulnerabilities, and provide rapid updates to our customers.

AFE allows us to coordinate our penetration testing efforts by leveraging the calendar and project request systems built into the tool. We have gained the ability to utilize resources more effectively by knowing who is allocated to which project with the click of a button. The dashboard tools available give managers a quick view on priority areas of focus, such as highly exploitable vulnerabilities, total number of vulnerabilities identified, remediation efforts, etc.

The AttackForge team continues to develop a tool for the next generation of penetration testing. They deliver feature asks and new functionality on-time and are receptive to feedback in quick fashion. Finding a platform that suited our needs was a challenge, but AFE has provided flexibility and usability above and beyond initial expectations.

Director Information Security Engineering Walgreens Boots Alliance

Still intersted? Try Community

Community | Core | Enterprise

A Platform For Everyone

Community is for Freelancers, Bug Bounty Hunters, Students & Amateur Penetration Testers.

Core is for Professional Penetration Testers, Consultancies & Small-to-Medium Enterprises.

Enterprise is for Large Enterprises, Government & Managed Security Services Providers.


Community is used by thousands of individuals all over the world, including amateur pentesters; students; freelancers; and bug bounty hunters. Community makes tracking and reporting easy for a typical pentesting project.

More Info Log In Sign Up


Core is an affordable & competitive Pentest Management Platform with all the features & workflows you need to manage your penetration testing program, or to deliver penetration testing to your customers or provide Pentest-as-a-Service (PTaaS).

More Info


Enterprise brings Business, Technology and Security teams together to reduce vulnerability remediation lead times and increase go-to-market speed. Enterprise is proven - put to work in large organisations to help save direct costs, increase visibility and reduce effort on every pentest.

More Info White Paper Case Studies

Passionate about simplifying and demystifying pentesting

Our Mission

Creating technology to help security teams globally better manage penetration testing projects and programs.

Our Vision

To create trusted and rigorous industry standard tools for managing security and penetration testing projects and their related activities.

From The Founders - Fil Filiposki

Pentesting is broken. And we're working hard to fix it.

Pentesting is archaic and disconnected between Business, Technology and Security teams. Reports are manual, static, and delivered sometimes weeks after vulnerabilities are first discovered. Pentesters and Developers aren't collaborating. Pentesters are getting burned out. The disconnect and frustration between all parties is costing big - in wasted effort, wasted time and wasted costs.

We're pioneering a platform and related technologies to fix these problems. To embrace the age of collaboration. To make communication, collaboration, transparency and reporting much easier, and eliminate many of the pain points for a typical pentest project.

From The Founders - Stas Filshtinskiy

Pentesting. Thrilling and Painful.

Being on both sides of pentesting is both thrilling and painful. It is thrilling to see the excitement when someone gets a shell on a server that is n-levels deep. But it's painful to see it happen time and time again, with the same attack from a decade ago.

It is thrilling when issues get fixed, and fast. But it's painful when developers have to wait weeks for a hundred page report, when only five pages are actually relevant to them. And most painful of all is when two of your friends - one a pentester and one a development lead - are arguing over a few vulnerabilities, weeks after the end of a pentest, and many weeks behind go-live deadline, whilst both being correct in their own right.

We see AttackForge as a place where everyone involved in penetration testing can get together and truly collaborate, set aside their differences and work towards the greater cause.

Short History

  1. Founded Cyber Security Hub

    Cyber Security Hub Logo

    Started Cyber Security Hub - a Melbourne, Australia based consultancy delivering penetration testing and governance, risk and compliance services to organisations. Bootstrapped our way to creating AttackForge minimal viable product.

  2. Launched Enterprise MVP

    Product Launch

    After much blood, sweat and tears - we finally launched our MVP to our consulting clients. We would spend the next two years refining AttackForge until it was ready for the world.

  3. Launched Community

    Product Launch

    People really liked Enterprise, but wanted a light, easily accessible version to use on their own projects and clients. Thus Community was (accidently) borne.

  4. First International Enterprise Sale


    We finally made our first international Enterprise sale. This was an exciting time for the team, and the much needed fuel to ignite our fire towards accelerating AttackForge product development into new and uncharted markets.

  5. AttackForge Goes Global


    AttackForge now has paying customers on every continent (except Antarctica!)

  6. 50K+ Vulnerabilities, 3.5K+ Pentests, 5K+ Users


    We hit record numbers in AttackForge - over 50 thousand Vulnerabilities registered on AttackForge; over 3.5 thousand Pentests delivered; and over 5 thousand registered Users.

  7. Launched Core


    Core is Now Available!
    An affordable & competitive Pentest Management Platform for Consultancies & Small-to-Medium Enterprises.

  8. Launched Action Pack

    Action Pack Launch

    Action Pack is Now Available!
    We launched the first ever on-demand dedicated tenant Pentest Management Platform - extending the global reach and access to our premier Core product.

  9. Launched AttackForge Version 2

    Action Pack Launch

    Enterprise & Core Version 2 is Now Available!
    We released a major upgrade of AttackForge - years in the making! The new version 2 is the most contemporary and feature-packed pentest management platform out there!


AttackForge Launches Version 2

Introducing AttackForge Enterprise & Core v2
by AttackForge

We just released the latest and greatest Pentest Management Platform - AttackForge Version 2 - for Enterprise and Core! v2 is a major redesign and improvement on AttackForge, having been developed over the past few years in close consultation with our customers. We have improved the user experience and included new features to ensure AttackForge remains the easiest and best way to deliver penetration testing, and to manage pentesting projects and programs.


AttackForge: Action Pack

Introducing Action Pack
by AttackForge

We are excited to launch the world's first on-demand dedicated tenant pentest management platform - AttackForge Action Pack! This offering provides a low-cost & easy-to-deploy option for our premier AttackForge Core product, and can be deployed in less than two minutes in any Microsoft Azure region globally. Action Pack provides a dedicated pentest management platform with in-app options to unlock powerful Enterprise features. The low cost ensures Action Pack can be deployed and used by freelancers or small security teams, and provides all the neccessary workflows. Every Action Pack customer can personalize their tenant with custom logos, subdomain and user interface options.


We're back at Black Hat USA Arsenal in 2022

Black Hat USA 2022
by AttackForge

We're honoured and super excited to be back at Black Hat USA Arsenal for 2022! This time we are focusing on our freely available pentest reporting tool - AttackForge ReportGen - and the power of version 2, released earlier this year. We're also taking a bigger team with us to the USA! And will be at Defcon as well. Can't wait to catch up with all the people we have not seen over past few years!


We're back at Black Hat Europe Arsenal in 2021

Black Hat Europe 2021
by AttackForge

AttackForge team will be presenting virtually at this years' BlackHat Europe in November. It has been 12 months since our last BlackHat event, in that time we have worked around the clock to bring exciting new features and capabilities to our free community edition of AttackForge. We can't wait to show everyone the progress we have made!


New Product Announcement!
Introducing Core

by AttackForge

We have just released the highly anticipated new product to the AttackForge lineup - Core.

Core is an affordable & competitive Pentest Management Platform with all the features & workflows you need to manage your penetration testing program, or to provide pentesting services to your customers.

If you are a Consultancy or a Small-to-Medium Enterprise, and conducting more than a dozen pentests per year - check out how Core can:

  • Increase Speed & Quality of Your Penetration Testing Reports
  • Provide Client Portal for Your Customers
  • Unify Pentesting Workflows
  • Remediate Vulnerabilities Faster
  • Measure Effectiveness & Prove Value of Your Penetration Testing Program & Services

View the full press release here.


We're accepted into Black Hat Europe Arsenal 2020

Black Hat Europe 2020
by AttackForge

We're honoured and super excited to be back at Black Hat Europe Arsenal for 2020! BHEU Arsenal is where it all started for us few years ago, and we can't wait to show everyone all the new and exciting features we have built into the free version Community!


Nucleus and AttackForge Announce New Integration!

Nucleus Security & AttackForge Partnership
by AttackForge

“This partnership is a big deal for security teams as a whole, not just the practitioners of VM or pen testing individually” said Stephen Carter, CEO and Co-founder of Nucleus. “We saw an opportunity to bring together traditionally independent red team penetration test data with vulnerability scan data to manage them together. This integration allows organizations to unlock additional collaboration and cohesion across both red and blue teams, at scale, in way that was impossible before.”

“The partnership between Nucleus Security & AttackForge bridges a gap that every security team faces. Until now, pentest data has lived outside of vulnerability management programs, in arbitrary and static reports – making pentest vulnerabilities impossible to track & analyze” said Fil & Stas, Co-founders of AttackForge. “By seamlessly integrating pentest data from AttackForge into Nucleus, organizations gain a true representation of the security posture of their assets, enabling leaders to make informed decisions when it comes to remediation and prioritization.”


AttackForge @ OWASP AppSecDay Australia 2019

Black Hat Europe 2019
by AttackForge

The AttackForge team will be showcasing Enterprise at Australia's biggest software security conference for technology professionals - OWASP AppSecDay 2019! Ensure to check out the demo of Enterprise, and enter the draw to win a free 12-month subscription for AttackForge Pro.


We're accepted into Black Hat Europe Arsenal 2019

Black Hat Europe 2019
by AttackForge

We are honoured and privileged to be accepted into the Black Hat Europe Arsenal for 2019! Looking forward to showcasing all the new features and capabilities we have built into AttackForge since we last presented here in 2018, and also catching up with friends!


Podcast @ Cyber Speaks LIVE -
Why Pentesting Is Broken

Black Hat USA 2019
by AttackForge

Excited to be speaking with Duncan McAlynn (@infosecwar) to share our experiences and thoughts on why we believe pentesting is broken, and how we are trying to solve the problems. Interested to hear thoughts from the LIVE audience on whether they have had similar experiences to us. Oh and we are randomly giving away three (3) AttackForge Pro Yearly subscriptions worth $600 each, so make sure you stick around for the LIVE Q&A for a chance to win.


We're accepted into Black Hat USA Arsenal 2019

Black Hat USA 2019
by AttackForge

And now for the big one. The Grand Black Hat. We are honoured, proud and thrilled to be presenting in the Black Hat USA Arsenal 2019! We were promised it's going to be big. We can't wait, we have worked so hard on new features for Community and we're very excited to show the world!


We're accepted into Black Hat Asia Arsenal 2019

Black Hat Asia 2019
by AttackForge

Community was accepted into Black Hat Asia Arsenal 2019. We learned so much from the Europe conference, we were excited to show everyone our progress and how we addressed community feedback. It was a stellar event - Singapore really knows how to turn it up!


We're accepted into Black Hat Europe Arsenal 2018

Black Hat Europe 2018
by AttackForge

An exciting and nerve-racking time for our team. Community was accepted into the prestigious Black Hat Arsenal. This would be our first major public announcement and showcase of Community. Would it stack up and be accepted by the community? We hope so :) EDIT: it was!


Find Us

121 King St,
Melbourne, Australia, 3000

+61 1300 790 001

info [at] attackforge [dot] com

Follow Us