CHECK-002 /.env → HTTP 200 CRITICALsupabase_anon_key: eyJhbGc...abc9RLS disabled → users table: 847 rowsNEXT_PUBLIC_STRIPE_KEY: pk_live_ab...z9CVE-2024-0001 → CRITICALCHECK-009 → 3 tables exposedX-Frame-Options: MISSINGcors: access-control-allow-origin: *git config exposed → HTTP 200.env accessible → credentials leakedCHECK-011 → no rate limit detectedsk-ant-api03...truncated CRITICALHSTS missing → downgrade possiblefirebase.json rules: trueCHECK-007 → service_role key in bundleCHECK-002 /.env → HTTP 200 CRITICALX-Frame-Options: MISSINGCVE-2024-0001 → CRITICALcors: access-control-allow-origin: *CHECK-009 → 3 tables exposed

Your app hasvulnerabilities.Find them first.

I own or am authorized to scan this URL.

or start 7-day trial →

Score in 20 seconds · No account needed · €49/mo to unlock fixes

HOW IT WORKS

Three steps.
Twenty seconds.

No setup. No agent to install. No GitHub connection required at launch.

01 — FREE

Paste your URL

No account needed. Tick the ownership checkbox. Hit scan. 17 security checks run in parallel. Score in 20 seconds.

02 — FREE

See your score

0–100 score. Vuln count by severity. Your top issues visible by title. Everything else blurred until you subscribe.

03 — €49/MO

Unlock the fix bundle

Exact before/after code for your stack. Weekly automated rescans. Email alerts when something new breaks after a deploy.

WHAT WE CHECK

17 checks in parallel.
One final score.

It scores the app 0–100, counts critical/high/medium/low findings, and generates AI-powered fixes specific to the detected stack.

Exposed .env files

.git directory exposure

Missing security headers

Secrets in JS bundle

Supabase RLS misconfiguration

Firebase open rules

+ 11 more checks including rate limiting, auth bypass, SSL, domain reputation, breach history, slopsquatting

PRICING

One plan.
No tiers.

Free scan shows your score and vuln titles. Everything else — exact fixes, stack-specific code, weekly monitoring, email alerts — unlocks at €49/mo.

No second pricing tier until 50 paying users. That decision is already made.

SCORE NARRATIVE

0–30Your app is actively exploitable right now.

31–50Serious vulnerabilities. One Reddit post and someone finds them.

51–70Real issues but you're not the easiest target.

71–85Solid baseline. Better than most indie apps at this stage.

86–100Top 15% of indie SaaS. Share this score.

€49

ONE PLAN

/month · billed monthly

✓Full score card + all vulnerability details

✓AI-generated fix bundle (stack-specific, before/after code)

✓Weekly automated rescan

✓Email alerts when new vulns appear after a deploy

✓Security report PDF

✓Stack recommendations — better tools where relevant

✓5 apps · 60-day scan history

✓GitHub scan

COMING SOON · INCLUDED

start 7-day trial →

card required · cancel anytime · full access during trial