PenQ is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and many more. PenQ is not just a mix of addons but it comes preconfigured with some very powerful open source java/python and command line tools including Nikto, Wfuzz, OWASP Zap, OWASP Webslayer, OWASP WebScarab, Tor and lots more. PenQ is configured to run on Debian based distributions including Ubuntu and its derivative distros, and penetration testing operating systems such as BackTrack and Kali. PenQ lets security testers access necessary system utilities and tools right from their browser, saving time and making tests a lot faster. Tools built-in range from those for anonymous browsing and system monitoring to ones for taking down notes and scheduling tasks.PenQ can save companies from huge investments in proprietary tools and over-sized testing team. It also provides tutorials by linking to OWASP Testing Guide, a vast source of security testing related knowledge with a lost of useful resources and OWASP project. PenQ can be used to test the OWASP Top 10 risks to safeguard web applications against vulnerabilities.

Testing Solution for SMBs

A secure website is crucial to any online business – small, medium or enterprise scale. PenQ can save companies from huge investments in proprietary tools and over-sized testing teams. Integrated with resource links, security guidelines, and testing tools, PenQ empowers even less experienced testers to do a thorough job of checking for security loopholes.

A Slew of Tools

PenQ lets security testers access necessary system utilities and tools right from their browser, saving time and making tests a lot faster. Tools built-in range from those for anonymous browsing and system monitoring to ones for taking down notes and scheduling tasks. View the entire set of tools under features.

Debian Based

PenQ is configured to run on Debian based distributions including Ubuntu and its derivative distros, and penetration testing operating systems such as BackTrack and Kali.

With all its integrations, PenQ is a powerful tool. Be mindful of what use you put it to. Responsible use of PenQ can help secure web apps in a zap.

Features

OWASP ZAP

Wfuzz Web Application Fuzzer

PenTesting Report Generator

OWASP WebScarab

Mozilla Add-ons Collection

Vulnerability Databases Search

OWASP WebSlayer

Integrated Tor

Access to Shell and System Utilities

Nikto Web Server Scanner

OWASP Penetration Testing Checklist

Collection of Useful Links

Full List of Mozilla Add-ons

anonymoX

Awesome Screenshot

ChatZilla

CipherFox

Clear Console

Cookies Manager+

Cookie Monster

CryptoFox

Email Extractor

Firebug

FireFlow

FireFTP

FireSSH

Greasemonkey

Groundspeed

HackBar

HackSearch

Header Spy

HttpFox

HttpRequester

JavaScript Deobfuscator

Library Detector

LinkSidebar

Proxy Selector

Proxy Tool

RefControl

RESTClient

Session Manager

SQL Inject Me

SQLite Manager

TrashMail.net

User Agent Switcher

Wappalyzer

Web Developer

Xinha Here!

XSS Me