pentestkit @pentestkit
Cross-browser extension Penetration Testing Kit owasp.org/www-project-pe… Joined May 2021-
Tweets64
-
Followers76
-
Following7
-
Likes11
If you use @browserling for cross-browser testing, you can also add a lightweight security testing layer with OWASP PTK. Watch the demo.
ZAP now has a dedicated OWASP PTK active scan rule, so you can run the PTK rules in the ZAP active scanner. Check out the dramatic improvement in the scores vs Google Firing Range! zaproxy.org/blog/2026-06-0… #zaproxy #owaspptk #appsec
ZAP and PTK - Phase 2. zaproxy.org/blog/2026-06-0…
𝗢𝗪𝗔𝗦𝗣 𝗣𝗧𝗞 𝗶𝘀 𝗻𝗼𝘄 𝗮𝘃𝗮𝗶𝗹𝗮𝗯𝗹𝗲 𝗮𝘀 𝗮𝗻 𝗻𝗽𝗺 𝗽𝗮𝗰𝗸𝗮𝗴𝗲 Instead of treating browser security testing as a separate manual activity, teams can now run PTK-backed scans as part of automation. npmjs.com/package/pentes…
Blog: Automating OWASP PTK with ZAP (Phase 1) You can now automate @owasp @pentestkit using ZAP zaproxy.org/blog/2026-05-0… #zaproxy #owasp #appsec
I wrote a scenario like a prompt, hit run… and Codex just did the job. Playwright is driving the browser. OWASP PTK is turning it into real DAST/IAST findings. It even solved a math captcha on its own. This is what crawling should look like. youtu.be/UjjrxENjyEg
@DerrickShieldsX - is it you? Peritus Labs says it’s “The Data Consultancy for Serious Organizations.” Odd, because posting “PTK got hacked” in public and asking me to chase you for the details is the opposite of serious. Report privately, with evidence. Or say it wasn’t you.
Blog: ZAP Updates for March: zaproxy.org/blog/2026-04-0… ZAP was started 9.5 MILLION times .. and we announced significant collaborations with other open source projects Cc @javamuffinztx @seqradev @pentestkit #zaproxy #appsec
@zaproxy @javamuffinztx @seqradev @pentestkit Like half a million of those runs were me 😂
This is huge! zaproxy.org/blog/2026-04-0… OWASP PTK massively increases ZAP’s browser side testing capabilities .. and automation is up next! Many thanks to @pentestkit for this great integration. #zaproxy #owasp #appsec
With OWASP PTK 9.8.0 and the ZAP PTK add-on 0.3.0, findings from PTK can now show up in ZAP as native Alerts. zaproxy.org/blog/2026-04-0…
PTK 9.8.0 with auto-discovery is out and I tested it on burpbountylab.com 10 XSS first. Same workflow + auto-discovery. 32 high-severity findings across XSS + SQLi. Video: youtu.be/bdC-hZ79kDk #AppSec #BugBounty #XSS #SQLi #DAST
𝗢𝗪𝗔𝗦𝗣 𝗣𝗧𝗞 𝟵.𝟳.𝟬 is out for Chromium and Firefox This release is all about improving the 𝗯𝘂𝗴 𝗯𝗼𝘂𝗻𝘁𝘆 𝘂𝘀𝗲𝗿 𝗲𝘅𝗽𝗲𝗿𝗶𝗲𝗻𝗰𝗲. See how SAST can find hidden routes!
𝗢𝗪𝗔𝗦𝗣 𝗣𝗧𝗞 𝟵.𝟲.𝟬 𝗶𝘀 𝗼𝘂𝘁 - a reporting + correlation focused release. This version is all about turning scan output into something you can actually share, triage, and act on. pentestkit.co.uk/release_notes.…
Reposting this write-up - if you try the add-on, break it (politely) and tell me what you’d like to see next. Bugs, issues, and reviews genuinely help. cybersecuritynews.com/zap-owasp-pent…
𝗭𝗔𝗣 + 𝗢𝗪𝗔𝗦𝗣 𝗣𝗧𝗞 as a browser-based AppSec tool is a pretty powerful combo. I’m really excited to share a major milestone for OWASP PTK: the 𝗢𝗪𝗔𝗦𝗣 𝗣𝗧𝗞 𝗮𝗱𝗱-𝗼𝗻 𝗳𝗼𝗿 𝗭𝗔𝗣 is now released. zaproxy.org/blog/2026-01-1…
PWASP PTK 9.5.0 has been released: JWT attacks improved: fixed false positives for alg=none checks and better handling of public/unauthenticated endpoints. SPA attacks support: improved attack flow for modern single-page applications. UI performance and bug fixes.
OWASP PTK v.9.1.0/1 has just been released with a full house appsec tools: - DAST (Dynamic Application Security Testing) - IAST (Interactive Application Security Testing) - SAST (Static Application Security Testing) - SCA (Software Composition Analysis)
Meet first in class in-browser IAST agent for JavaScript! In OWASP PTK v9, we’ve introduced an integrated IAST capability to help surface client-side issues immediately: *Taint-Flow Visibility *Contextual Findings *Zero-Configuration Deployment
P1n93r @P1N93R_
2 Followers 445 Following
NRP @pinkney_na62534
1 Followers 27 Following
Michael @sinceremv
4 Followers 1K Following
VLADYMIR PUTIN @JohnReaverBot
4 Followers 128 Following
Leroy Robbins @LeroyRobbi20357
0 Followers 435 Following
Petru Surugiu @pedro_infosec
71 Followers 1K Following
9527 @Mr0x65
0 Followers 1K Following
larmelli @lelloarmelli
65 Followers 278 Following
Julian @JulianJulian99
15 Followers 5K Following
🕹️ Chadders 💻 @mchadder
561 Followers 108 Following Software Architect specialising in Oracle, PostgreSQL, Python, Lua, Javascript, Linux, AI, Pentesting, DevSecOps and Retro Computing.
Fernando Manzanarez @FernandoMa61306
16 Followers 3K Following
Fahrul Amri Izwan @fahrulamri
88 Followers 1K Following An ordinary person who still ongoing learn about IT.
sh4des @augmentedsec
66 Followers 1K Following
R M ⚡🇺🇦 @kingthorin_rm
2K Followers 473 Following IT Sec guy, @zaproxy co-lead, @owasp_wstg co-lead, VWAD co-lead, @owasp_ottawa volunteer, Hac≺3r, supporter of oxford commas, #INTJ. (Opinions == mine) 🍁
xxxxxx @junmoxiaoheheda
0 Followers 933 Following
Simon Bennetts ⚡�... @psiinon
7K Followers 638 Following ZAP (@zaproxy) by @Checkmarx lead, #Mozillian Mastodon: @[email protected]
Geoff Moraes @_eddietorial_
9 Followers 68 Following Tech curious https://t.co/yfr2yJNbkj Payment link: https://t.co/J1mUi6OnIR
Soul_Protocol @Soul_Protocol
1K Followers 1K Following 🔍 #OSINT / #SOCMINT contractor, analyst and enthusiast. Interests include #Pentesting / Red Team / #Recon, and #Python development. #Resources, Tools, and TTPs.
nigwar @nigwar
40 Followers 701 Following
Giuseppe Boschi @GiuseppeBoschi2
352 Followers 6K Following “La idiotez es una enfermedad extraordinaria, no es el enfermo el que sufre por ella, sino los demás”.
T1nt1n @t1nt1nsn0wy
681 Followers 5K Following Noobie H4CK3R and researcher at @qualys. Prev @pwc. Views are my own :)
Satyajit Das @satyajitdas02
318 Followers 3K Following Cyber-Sage | Infosec | Appsec | BFSI | Shooting Sports | Inception | Social Responsibility
Andrew Arellano @andarell1082
47 Followers 2K Following
Seeker Of light @SeekerOflight5
425 Followers 623 Following Web programmer cyber security, sick analyst/architecture for the future
Ken Nevers @k3nundrum
1K Followers 3K Following †Christian | hubby | dad | co-founder @hackspacecon @HackRedCon | @redseersecurity | now hacking the planet @rotassec |OSEP|OSCP|CRTO|CRTE|CRTP|LMNOP.....
theRipp3r @Ripp3rThe5169
5 Followers 16 Following
blackydawny @blackydawny
0 Followers 557 Following
d34th @d34th84805290
25 Followers 4K Following
crkmyth1cal @crkmyth1cal
8 Followers 237 Following
Owen , not even close @OwenSalaryThef
2 Followers 96 Following Hi there 😉 This is just a rookie whom just go on in cyber security. これからも仲良くしてください
Donny Greene @__redtape
166 Followers 617 Following Cybersecurity Consultant https://t.co/FtnbJk31LZ
Brian Pavicic @Brian__Pavicic
25 Followers 157 Following Software Security Activist & Champion @stake - Symantec - Veracode - Rapid7 alum learn more - https://t.co/p0sMZhRvKo…
Pentester Academy @SecurityTube
198K Followers 14K Following We help professionals acquire the skills, knowledge and certificates by teaching defense through offense to advance their careers in cybersecurity.
OSINT Research osint-... @OSINT_Research
13K Followers 1K Following Moved 2 Bluesky Connecting.The.Dots. Finds it! Tweeted about #OSINT Links: https://t.co/CLGKXLEEg2 https://t.co/WBMyuhrMU8
OSINT Techniques @OSINTtechniques
73K Followers 506 Following Co-Founder, Forensic OSINT [email protected]
SANS Institute @SANSInstitute
193K Followers 412 Following SANS is the most trusted and by far the largest source for information & cyber security training, certification and research in the world.
0ll0 @BamNsec
14 Followers 74 Following -- intelligence analyst --Data || Info-Sec Professional || Ethical Hacker -- Interests; freedom, privacy, osint, social-engineering, raspberry pi, sigint
Cyber Detective💙�... @cyb_detective
61K Followers 3K Following Every day I write about #osint (Open Source Intelligence) tools and techniques. Also little bit about forensics and cybersecurity in general. Work in @netlas_io
OWASP® Foundation @owasp
216K Followers 525 Following We improve the security of apps with community-led open source projects, 260 local chapters, and tens of thousands of members worldwide. Famous for OWASP Top 10You might like
