OWASP Penetration Testing Kit by pentestkit.co.uk

Penetration Testing Kit browser extension allows you to simplify your day-to-day job in application security.

One-click access to insightful information about technology stack, WAFs, security headers, crawled links, and authentication flow.

Proxy with a detailed traffic log that allows you to repeat any request in the R-Builder or send it to the R-Attacker and execute XSS, SQL, or OS Command injections automatically.

Craft your own request in R-Builder or run a DAST scan using R-Attacker while browsing an application and check for SQL Injection or XSS right in the browser.

SCA scan that helps you to identify any javascript well-known vulnerabilities, aka CVE.

Cookie editor allows to manage cookies and you can add, edit or remove cookies. And even more - you can create rules to block or protect cookies or export cookies and then import them again.

Decoder/Encoder utility to manage encoding and decoding from and to UTF-8, Base64, MD5, and more.

Integrated Swagger.IO to help you understand API documentation better and create any requests to its endpoints.

With Selenium integration, this extension can help you to identify security risks at the very beginning of your development cycle.

Are you a penetration tester or a member of a Red Team or an application security practitioner? Need a security insight on an application? Try the PTK - an extension that makes your browser smarter.