How I Run Entire Engagements in Pentest.ws (Without Leaving the Platform)
A breakdown from someone who still gets their hands dirty.
By Adam Benwell, CEO & Founder of PenTest.WS (Yes, I still do pentesting.)
When I built PenTest.WS, it wasn’t to pitch a tool to buyers.
It was because I was burned out from gluing together 6 different tools for every single engagement.
- One for note taking
- One for screenshots
- One for repos
- One for finding templates
- One for the actual reporting
- And three browser tabs open to re-check everything I forgot
It was clunky. It was error prone.
And it wasted hours of time that could’ve been spent testing.
So, I built PenTest.WS for myself first - and now, I use it on every engagement, start to finish.
Here’s exactly how I run an entire engagement in the platform, without leaving it.
Step 1: Create the Engagement
Every new assessment starts by spinning up a new engagement in PenTest.WS. Engagements aren’t just task managers; they’re your mission control.
Here’s what gets linked automatically:
- Hosts & ports
- Notes
- Screenshots
- Findings
- Credentials
- Scan results
- Commands I plan to run
Each engagement is like a self-contained workspace for a security assessment. Clean, fast, focused.
Step 2: Import Scans
PenTest.WS integrates natively with:
- Nmap
- Masscan
- Shodan
I can upload those scans directly, and the platform automatically maps:
- Hosts
- Open ports
- Services
- Fingerprints
Step 3: Run Service Commands
Instead of flipping back and forth between my terminal and notes, I use the Service Command Library to quick execute commands against the exact asset (host or port) I’m investigating.
I’ve saved custom shell templates like:
nmap -sV -p {port} {host}
curl -v http://{host}:{port}
With one click, I copy those commands right from the asset’s detail page - variables pre-filled.
No searching. No mistypes. Just fast, predictable testing.
Step 4: Take Notes In Context
Notes are attached directly to the asset I’m testing. So, when I go back later, I don’t have to remember what that vague line in my markdown file referred to.
Step 5: Capture Screenshots & Evidence
I drag and drop screenshots as evidence directly into the notes for the asset I’m testing.
- Makes them available for export later
- No filenames to manage. No folders to dig through.
Step 6: Build the Report As I Work
This is the magic: The report writes itself while I test.
Because:
- Notes are linked
- Findings are documented in context
- Screenshots are attached
- Metadata is already populated
When the testing is done, the report is 90% ready. All I have to do is clean up phrasing and click Export. I use a custom Word template that matches the client’s expectations - and I’m done.
Why This Workflow Works (For Me - and You)
I built PenTest.WS to remove friction, not add “features.”
Here’s what I’ve gained:
✅ Fewer mistakes (because everything’s in one place)
✅ Faster testing (no jumping between tools)
✅ Cleaner reports (built automatically)
✅ More focus (because context switching is gone)
The goal was never to make the flashiest tool.
The goal was to build something that a real pentester could use every day, without babysitting it.
And that’s exactly what PenTest.WS does.
TL;DR: Real Testing. No Tool Juggling.
Most platforms are built to look impressive. PenTest.WS was built to be useful.
I run full engagements in the platform because:
- It’s fast
- It’s clean
- It keeps me in flow
If you’re tired of duct-taping your workflow together, try it for yourself.