Does this tool store my findings on a server?

No. All findings are stored exclusively in your browser's localStorage. No data is transmitted to any server. Use the JSON export to back up your findings or transfer them between devices.

What export formats are supported?

The tool supports three export formats: Markdown (formatted pentest report with all findings), JSON (structured data for re-importing), and CSV (for spreadsheet import). You can also export a subset of findings by selecting them first.

Can I import findings from a previous session?

Yes. Use the "Import JSON" button to load a previously exported JSON file. Duplicate findings (by ID) are skipped automatically.

Pentest Findings Documenter

Document vulnerabilities as you find them and export a formatted report. Track severity, CVSS scores, affected URLs, HTTP requests, steps to reproduce, impact, and remediation recommendations. Export as Markdown, JSON, or CSV. All data lives in your browser — nothing is sent anywhere.

X LinkedIn Reddit

Related Tools

CVSS 3.1 Calculator

Score vulnerabilities with all 8 CVSS 3.1 base metrics.

OWASP Top 10 Checklist

Generate custom OWASP Top 10 test checklists by stack.

Attack Chain Builder

Build and visualize multi-step attack chains.

Text Diff

Compare texts side-by-side with character-level highlighting.

$loading...