What is Pwnbook?
Pwnbook is a comprehensive security operations platform designed to streamline the full lifecycle of a penetration test. From scoping and target discovery through exploitation, documentation, and final reporting, Pwnbook gives your team a unified workspace that replaces a scattered collection of spreadsheets, note apps, and one-off scripts. Whether you’re running a solo assessment or coordinating a large team engagement, Pwnbook scales with you.
Key capabilities
Engagement Management
Organize every pentest as a self-contained engagement with its own targets, tasks, notes, and findings.
Threat Modeling
Build interactive threat models with a visual canvas. Map assets, threats, and attack vectors directly to your engagement.
Automated Recon
Add targets and let the recon worker enumerate subdomains, open ports, and services automatically. Deploy network agents for internal scanning.
API Testing
Execute HTTP requests against targets, save templates, share community scripts, and review full execution history.
Wiki & Notes
Collaborative markdown wiki pages per engagement. Share findings externally with time-limited share links.
Report Generation
Generate polished pentest reports from customizable templates. Build executive dashboards with drag-and-drop tiles.
AI Security Assistant
Chat with an AI assistant that understands your engagement context. Powered by Anthropic or OpenAI depending on your configuration.
Architecture Modeling
Map application components, data flows, and routes. Identify component-level risks and import infrastructure from cloud providers.
Platform architecture
Pwnbook is composed of several services that work together:
Frontend
A React 18 application built with Vite, TypeScript, and shadcn/ui. Runs on port 8080 by default. Communicates with the backend API and workers over HTTP.
Backend API
A Fastify (Node.js + TypeScript) API server on port 3001. Handles authentication, authorization, all business logic, and database interactions via Drizzle ORM on PostgreSQL.
Recon Worker
A Python FastAPI service on port 8001. Handles long-running recon scans, coordinates network agents, and processes scan results asynchronously via BullMQ/Redis.
AI Worker
A Python FastAPI service on port 8002. Proxies requests to Anthropic or OpenAI, manages conversation context, and serves the AI chat assistant.
Database & Queue
PostgreSQL for persistent storage, Redis for the BullMQ job queue used by background workers.
Get started
Quickstart
Create your account, set up an organization, and run your first engagement in minutes.
Self-Hosting
Deploy Pwnbook on your own infrastructure using Docker Compose.
Core Concepts
Understand how engagements, organizations, and roles work in Pwnbook.
API Reference
Integrate Pwnbook into your workflows using the REST API.