PentestPath desktop workflow

Map the attack path. Run the terminals. Ship the report.

PentestPath gives pentest engagements a single local-first desktop workflow. Graph the path, execute in context, and move into reporting without turning the product into a fake browser suite.

Download latest release Read docs Pro USD 48 one-time, excl. tax

Local-first Optional vault Ollama local AI Team Mode beta

Graph

Attack path stays visible while the mission grows.

Report

Append findings and move toward delivery without leaving the app.

Graph-first workspace

Downloads

Current public release: v2.0.0

Pick your platform and start with the latest release.

Windows ships as an `.exe` installer. Linux users can choose AppImage or `.deb` depending on how they prefer to run the desktop app.

Windows

Desktop installer

x64

Direct access to the latest `.exe` when available, with release assets as fallback.

Download Windows

If SmartScreen appears, click More info then Run anyway.

Linux

AppImage or `.deb`

Portable / package

Use AppImage for a portable path, or `.deb` if package-managed installation fits better in your environment.

Download AppImage Download .deb

AppImage may need libfuse2 on some modern distros.

Built for

Different users, same need: keep the engagement coherent.

The point is not to imitate a giant platform. It is to give a pentest engagement a single operational surface where the graph, commands, notes, and output still belong to the same mission.

Audience

Pentesters

Keep the engagement graph, terminal context, and reporting flow in one local-first workspace.

Audience

Consultants

Move faster between recon notes, execution, and deliverables without scattering context across tools.

Audience

Students

Practice methodology with a structure that makes attack paths, commands, and findings easier to review.

Audience

Small Teams

Use Team Mode beta when you need shared visibility without turning the product into a heavy enterprise stack.

Workflow

A clearer path from scope to deliverable.

This is the backbone of the site: not a list of abstract features, but the sequence a real engagement actually follows.

Define scope

Open a session, set the target, and keep the engagement boundary explicit from the start.

Map the graph

Import scan data, create nodes, and keep the attack path readable as the engagement grows.

Run the work

Execute from the terminal workspace and reuse arsenal context without jumping between disconnected windows.

Ship the report

Append findings from the workspace, review the output, and export HTML for handoff.

Workspace

Attack graph that stays usable during the engagement

PentestPath is built around a graph-first view of the mission. Search, filters, minimap, auto-layout, and node actions keep the structure readable instead of collapsing into a whiteboard mess.

Recon, exploit, privesc, lateral movement, and loot stay in one model
Session compare and package export support handoff and review
Research links open in your system browser for this release

Execution

Terminal work with session context still attached

The terminal workspace is there to support the engagement flow, not replace your shell. Open concurrent terminals, keep layouts across sessions, and work without losing sight of what the node or target actually means.

Rust-backed PTY layer for the desktop build
Multi-terminal workflow inside the same engagement context
Keyboard-first flow instead of fragmented tool switching

Delivery

Reporting that starts from findings, not from a blank document

The reporting flow is tied to the workspace so you can append findings, review the draft, and export deliverables without rebuilding everything in a separate document tool.

Markdown report editor with live preview
HTML export available on Free and Pro
Built for engagement output, not generic note taking

Smart Arsenal

Base command library on Free, with favorites and custom entries in Pro.

Local AI Assistant

Pro-only assistant connected to your local Ollama endpoint and model.

Vault Security

Optional password-protected vault with optional TOTP for sensitive local data.

Team Mode Beta

Real-time collaboration included in Pro as a beta workflow.

Pricing

Simple tiers.

Free is enough to explore the workflow. Pro unlocks the capacity and delivery features that matter once the tool becomes part of your actual engagement process.

Pro

USD 48

One-time payment, excl. tax

Buy Pro

USD 48 one-time for Pro, excl. tax
Device activation stored locally after validation
14-day offline grace after successful validation

Comparison

Free vs Pro

Team Mode stays included in Pro as beta.

Feature

Free

Pro

Sessions

Up to 3

Unlimited

Base Arsenal

Yes

Arsenal Favorites

Yes

Custom Arsenal

Yes

AI Assistant

Yes

Team Mode Beta

Yes

Resources

Public entry points for users and releases.

The public release repository is where the website, docs, changelog, binaries, and support flow now meet.

Latest Releases

Release

Download installers and release assets from the public release repository.

Documentation

Docs

Read the public docs, guides, and release-facing technical notes.

Changelog

Notes

Review release notes before updating your workflow or environment.

Support

Open an issue, report a bug, or follow public product feedback.

Relay Guide

Guide

Deployment notes for the Team Mode beta relay workflow.

Public Repository

Repo

Use the release repository as the public entry point for docs, releases, and support.