The solution developed by Sourav Kalal combines automated report generation, client management, and project control into a single dashboard aimed at offensive security teams.
In a sector where every second counts and technical documentation is as important as the tests themselves, APTRS (Automated Penetration Testing Reporting System) emerges—a free, open-source tool that promises to revolutionize the way cybersecurity teams generate, manage, and deliver their penetration testing reports.
Developed in Python and Django by researcher and pentester Sourav Kalal, APTRS is designed to simplify the workflows of technical teams and enhance the quality and standardization of reports. In addition to offering report generation in PDF, DOCX, and Excel with customizable templates, the tool provides a comprehensive system for managing projects, clients, and vulnerabilities.
More than just a report generator
Unlike other open-source projects focused solely on documentation, APTRS aims to cover all phases of a professional pentesting operational process. The solution includes features such as:
- Centralized vulnerability management with proofs of concept (PoC), technical descriptions, recommendations, and tracking.
- Reusable vulnerability database, allowing for faster documentation in future audits.
- Customizable report templates in both Word (docx) and HTML/CSS, to tailor the design to the client’s needs.
- Control of multiple projects, with tracking of statuses, deadlines, deliverables, and re-test dates.
- Client and company management, ideal for consultancies and teams handling multiple accounts in parallel.
“With APTRS, we not only seek to save time for cybersecurity professionals but also to improve the client experience by providing greater visibility and organization of ongoing projects,” Kalal explained.
Coming soon: integrated client portal
One of the most anticipated features is the addition of an exclusive client portal, still in development, which will allow organizations to access their reports, review invoices, request new security tests, and centralize their relationship with the provider from a single secure interface.
This vision aims for the professionalization of the pentesting service and responds to a growing demand for transparency, traceability, and efficiency in technical audit processes.
Simple installation and available for free
APTRS can be easily installed using Docker—the recommended method—or manually for users with prior experience in Python, Node.js, and Nginx environments.
The code is publicly available on GitHub.
Kalal has also opened the possibility for donations and sponsorships to maintain the ongoing development of the project, which is currently reliant on his individual effort.
A boost for modern offensive security
The rise of penetration testing as a service (PtaaS) has highlighted the need for more agile and professional tools for those working in offensive security. Platforms like Cobalt, Pentera, or CrowdStrike offer highly advanced commercial solutions, but for many independent professionals, consultancies, or internal cybersecurity teams, an open-source tool like APTRS represents a powerful, free, and highly customizable option.
By drastically reducing the time spent on documentation—one of the most tedious tasks of pentesting—while simultaneously professionalizing client delivery, APTRS positions itself as a key tool in the technical security ecosystem.
The future: more collaboration, more automation
The long-term vision for APTRS includes integrating features such as:
- Modules for dynamic report generation based on automated tests.
- Integration with scanning systems (like Nmap, Nessus, or Burp Suite).
- Customizable dashboards for real-time tracking.
- A multi-user client portal with role and permission management.
In an environment where efficiency, traceability, and technical quality are basic requirements, tools like APTRS demonstrate that open source remains a fundamental pillar in the evolution of cybersecurity.
For more information and downloads:
👉 https://github.com/APTRS/APTRS
👉 Online demo at https://live.aptrs.com
Author: Sourav Kalal
License: Open Source
Languages: Python, Django, Node.js
Recommended deployment method: Docker.
Source: APTRS at Sistemas Administration