Introduction

What is Vulnotes?

Vulnotes is a modern, web-based platform built for pentesters, by pentesters. After trying countless reporting tools and hearing the same frustrations across companies, we decided to build the platform we always wanted but never found: one that lets you focus on finding vulnerabilities, not fighting with report formatting.

Key Features

• Context-Aware AI: Screenshot to finding in seconds. AI-assisted writing, multi-language support, and automatic anonymization of sensitive data before processing.
• Visual Template Builder: Design white-label report templates with full control over layout, branding, variables, and reusable sections.
• Live Collaboration: Edit the same report simultaneously with presence indicators, cursor tracking, and instant, conflict-free updates.
• Review & Approval Workflow: Snapshots, threaded comments, change requests, and approval tracking.
• Vulnerability Management: Central vulnerability database with reusable templates, custom fields, and built-in CVSS v3.1 & v4.0 or custom scoring.
• Enterprise Security: SSO, LDAP, 2FA, role-based access control, and fine-grained permissions for clients, reports, and templates.
• REST API & Integrations: Full REST API, webhooks, and MCP server for automation and integration with your existing tools.

On-Premise & Cloud

• On-Premise: Deploy on your own infrastructure with full control over your data. Fast setup that works for every infrastructure.
• Cloud: Don’t want to maintain your own server? We deploy your own instance of Vulnotes in our cloud infrastructure within minutes.