PenTester scans your web targets for open ports, SSL issues, misconfigurations, and known vulnerabilities — directly in your browser. No installs. No credit card.
PenTester packs professional-grade scanning modules into a clean, guided interface that gets out of your way.
Enter a target and hit Run — PenTester starts scanning in seconds with no configuration required to get useful output.
Results are ranked by severity — Critical, High, Medium, Info — so you know exactly what to fix first.
Step-by-step modules walk you through port scanning, SSL grading, header audits, and DNS recon in a logical order.
Scan results are stored locally in your browser session only. Nothing is transmitted to our servers or logged.
Use it solo for personal projects or share scan reports with your team via a generated export — no account required.
Run all modules at once or pick exactly what you need — port scan, SSL check, HTTP headers, or DNS recon independently.
No setup. No install. No learning curve. Your first real scan takes under 60 seconds.
Type in a domain, subdomain, or IP address. Choose which scan modules to run — or run everything with one click.
PenTester checks open ports, SSL configuration, security headers, and DNS records simultaneously and reports in real time.
Findings are sorted by severity with plain-English explanations and remediation steps. Export the report when you're done.
Results are clear, color-coded, and immediately actionable — no decoding required.
Whether you're a solo consultant or a small security team, PenTester meets you where you are.
Quickly enumerate open ports, SSL posture, and security headers on a target before starting a formal assessment.
Run lightweight scans after deployments to catch new misconfigurations before they become incidents.
Generate a branded report of a client's attack surface in minutes — no expensive tooling license required.
Practice scanning concepts on domains you own and see how professional tools interpret and classify results.
Get visibility into your web infrastructure without paying for enterprise scanning platforms you don't need yet.
Straight answers. No fluff.
Yes. PenTester is a free browser-based tool built and maintained by BrowningPC LLC. There are no paid tiers, paywalled features, or trial periods. It is free to use as long as we operate it.
No credit card is required. Ever. You do not even need an account to run a scan. Just enter a target and go.
Nothing. Scan results are stored only in your browser session. When you close the tab, they are gone. We do not log targets, results, or any identifying information tied to a scan. See our security and privacy page for full details.
PenTester is for security professionals, IT consultants, developers, students, and anyone who legally owns or is authorized to test a web target. You are responsible for ensuring you have permission to scan any target you enter. Never use this tool against systems you do not own or have explicit written authorization to test.
Enterprise tools are deeper, faster, and more comprehensive — they are worth the investment for serious engagements. PenTester is built for quick reconnaissance, lightweight assessments, and learning. It covers the most common exposures (ports, SSL, headers, DNS) without the complexity or cost. Think of it as a solid first pass, not a replacement for professional tooling.
Please email ricky@browningpc.com with the subject line "Security Report." We take all reports seriously and will respond within 72 hours. Do not publicly disclose a vulnerability until we have had a chance to address it.
PenTester runs scan modules via public APIs and browser-based requests. No scan targets or results are sent to or stored on BrowningPC servers. Analytics (if any) are anonymous and aggregate only. We will never sell your data. If you have specific concerns, contact us at ricky@browningpc.com.
No credit card. No account. No setup. Just enter a target you own and run.