Map the attack path. Run the terminals. Ship the report.
PentestPath gives pentest engagements a single local-first desktop workflow. Graph the path, execute in context, capture evidence, and move into reporting without scattering context across tools.
Pick your platform and start with the latest release.
Windows ships as an `.exe` installer. Linux users can choose AppImage or `.deb` depending on how they prefer to run the desktop app.
Direct access to the latest `.exe` when available, with release assets as fallback.
If SmartScreen appears, click More info then Run anyway.
Use AppImage for a portable path, or `.deb` if package-managed installation fits better in your environment.
AppImage may need libfuse2 on some modern distros.
Different users, same need: keep the engagement coherent.
The point is not to imitate a giant platform. It is to give a pentest engagement a single operational surface where the graph, commands, notes, and output still belong to the same mission.
Pentesters
Keep the engagement graph, terminal context, and reporting flow in one local-first workspace.
Consultants
Move faster between recon notes, execution, and deliverables without scattering context across tools.
Students
Practice methodology with a structure that makes attack paths, commands, and findings easier to review.
Small Teams
Use Team Mode beta when you need shared visibility without turning the product into a heavy enterprise stack.
A clearer path from scope to deliverable.
This is the backbone of the site: not a list of abstract features, but the sequence a real engagement actually follows.
Define scope
Open a session, set the target, and keep the engagement boundary explicit from the start.
Map the graph
Import scan data, create nodes, and keep the attack path readable as the engagement grows.
Run the work
Execute from the terminal workspace and send Arsenal commands into shell context for review.
Ship the report
Capture evidence, append findings from the workspace, and export HTML or Pro PDF for handoff.
Attack graph that stays usable during the engagement
PentestPath is built around a graph-first view of the mission. Search, filters, minimap, auto-layout, and node actions keep the structure readable instead of collapsing into a whiteboard mess.
- Recon, exploit, privesc, lateral movement, and loot stay in one model
- Session compare and package export support handoff and review
- Research links stay attached to the same session context
Terminal work with session context still attached
The terminal workspace is there to support the engagement flow, not replace your shell. Open concurrent terminals, keep layouts across sessions, and work without losing sight of what the node or target actually means.
- Rust-backed PTY layer for the desktop build
- Multiple integrated terminals in Free and Pro
- Arsenal commands can be sent to the terminal before you run them
Reporting that starts from findings, not from a blank document
The reporting flow is tied to the workspace so you can capture evidence, append findings, review the draft, and export deliverables without rebuilding everything in a separate document tool.
- Markdown report editor with live preview
- Screenshot evidence paste, annotation, and redaction
- HTML export on Free and Pro, Typst PDF templates in Pro
Smart Arsenal
Base command library on Free, with favorites and custom entries in Pro.
Local AI Assistant
Pro-only assistant connected to your local Ollama endpoint and model.
Vault Security
Optional password-protected local vault with optional TOTP for sensitive local data.
Team Mode Beta
Real-time collaboration included in Pro as a beta workflow.
Simple tiers.
Free is enough to explore the workflow. Pro unlocks the capacity and delivery features that matter once the tool becomes part of your actual engagement process.
- USD 47.99 one-time for Pro, excl. VAT
- Device activation stored locally after validation
- 14-day offline grace after successful validation
Free vs Pro
Public entry points for users and releases.
The public release repository is where the website, docs, changelog, binaries, and support flow now meet.
Latest Releases
ReleaseDownload installers and release assets from the public release repository.
Documentation
DocsRead the public docs, guides, and release-facing technical notes.
Changelog
NotesReview release notes before updating your workflow or environment.
Support
SupportOpen an issue, report a bug, or follow public product feedback.
Relay Guide
GuideDeployment notes for the Team Mode beta relay workflow.
Public Repository
RepoUse the release repository as the public entry point for docs, releases, and support.