How can we help you today?

How to validate findings?

Don't take everything for granted. Manually verify your findings before generating the final report
Written by Adina Mihaita
Updated 1 month ago

Why not automate 100% of the process?

Because you just can’t automate everything. No automated scanner can...

  •  Interpret the context of the target
  •  Decide which data is important
  •  Know when to stop or when to push further
  •  Find logic flaws, chain exploits, and do custom post-exploitation
🚀 We highly recommend Pentest-Tools.com users to go through all the reported vulnerabilities and manually verify them.

To make this task easier for you, our scanners can automatically verify some findings by exploiting the identified vulnerabilities and present the user with a proof of exploitation. These will be already tagged as CONFIRMED.

We also provide an easy exploit that runs the attack vector directly from the scan result. Use the Replay Attack button to check the result of the exploit.

You can also run one of our dedicated exploit tools to verify findings, such as Sniper - Automatic Exploiter, SQLi Exploiter or XSS Exploiter.

Once verified, you can go to your findings tab, select the finding(s), click Modify Finding and select Change Verified.

Did this answer your question?