PentestPortal
Pentest reporting and security assessment platform for findings management, report generation, and remediation workflow.
PentestPortal is a penetration testing management system that streamlines security assessment workflows for organizations. The platform enables clients to submit penetration testing requests, track progress, and review detailed security findings and recommendations. Security professionals can manage test assignments, document vulnerabilities with CVSS scores and severity classifications, and generate professional reports. The system features role-based access control with distinct interfaces for clients, pentesters, and administrators, secure JWT authentication, and real-time status tracking. Built with a React frontend and Node.js/Express backend, and includes a PostgreSQL database for persistent data storage.
Tech Stack
Database
- PostgreSQL Persistent storage for users, requests, findings, and reports
Backend
- Express Node.js API framework for the pentest management backend
- Node.js Server-side JavaScript runtime for the API
Frontend
- React Client, pentester, and administrator interfaces
Security
- JWT Token-based authentication for role-based access control
- CVSS Vulnerability scoring and severity classification for findings