Penetration Testing Kit features:
New! Run SQL Injection attacks on any POST requests.
1) Dashboard - With information about client/server technologies the PTK extension can help you to understand technology stack and OWASP secure headers. Analyse requests/responses to see required POST actions and send them to the request builder.
2) Request Builder - Need to check what happens if you send a SQL injection or XSS attack? Just use this request builder, modify the parameters, execute the request and check it right in your Chrome browser.
3) Recording helps getting a sequence or authentication macro. Macro can be recorded and exported with Javascript support that allows the PTK to play it back within a browser. Export recorded traffic as a HAR file or open any existing HAR file in the HAR viewer.
4) Swagger utility allows you to see all endpoints from swagger file - json or yaml. It allows you to save a modified swagger.json file with Host and Shemes values changed
