SiteInspect

Simple, transparent pricing

Start free. Upgrade to monthly or yearly plans for more scans and full reports. Yearly plans save 20%.

Free

Single-URL scan, no account required.

  • One URL per scan
  • Readiness score
  • Top 3–5 critical findings
  • SEO, accessibility, compliance, security

Paid plans

Multi-page scans, full report, PDF export, dashboard, and CI/MCP. Choose monthly or yearly (20% off).

What you get with every plan

Full report

Prioritized findings, screenshots, and PDF export for sharing.

Dashboard & history

Track scans, verified domains, and team access in one place.

CI & MCP

Run scans in GitHub/GitLab pipelines and from Cursor via MCP.

Pentesting

A narrowly scoped automated scan option and hands-on penetration testing. Use readiness scans for ongoing checks; add a pentest for pre-launch, compliance, or periodic deep dives.

Basic pentest (automated)

Fixed price

You verify the domains to scan (up to 4 unique base domains, unlimited subdomains). A very narrowly scoped scan targeting specific checks that apply to most sites and APIs.

  • Security headers & cookie flags (CSP, HSTS, HttpOnly, SameSite)
  • TLS/SSL configuration & CORS
  • Information disclosure & common misconfigurations
  • Parameter tampering & injection-surface checks
  • Verify domains · Up to 4 base domains + subdomains

Basic (hands-on)

Starting at $4,500

Single web app or small scope. A hands-on exercise: our team runs exploit testing and delivers a prioritized report. Ideal for one product or pre-launch.

  • IDOR & broken object-level authorization
  • Authentication bypass & privilege escalation
  • Session fixation, hijacking & business logic
  • SQLi, XSS, CSRF (manual exploitation)
  • OWASP Top 10 · Prioritized report & remediation

Professional

Starting at $12,000

Multiple apps, APIs, or auth flows. Hands-on testing with deeper business-logic and authorization work. Good for product suites or compliance prep.

  • IDOR, BOLA/BFLA & authz testing
  • Session & auth flow exploitation
  • Business logic & file/path traversal
  • Multiple apps or APIs · Grey-box option
  • Detailed report + optional retest

Enterprise

Starting at $25,000

Full scope, compliance-focused (e.g. PCI, SOC 2), or red-team style. Hands-on exploit testing and tailored deliverables.

  • IDOR & full exploit testing
  • Custom scope & compliance alignment
  • Dedicated contact & retest


AI prompt injection testing

Test LLM-powered chat UIs and APIs for prompt injection, jailbreaking, system-prompt leakage, and guardrail bypass. Available as an automated scan (run on demand or from CI) and as a hands-on, red-team style assessment.

Automated scan

From $1,500

One target (e.g. one chat URL or one API). We run a battery of prompt-injection and safety checks and deliver a report with findings and remediation guidance. Add more targets or re-runs for regression.

  • Prompt injection & indirect injection
  • Jailbreaking & refusal bypass
  • System-prompt & data leakage checks
  • Report with payloads and recommendations

Hands-on (single scope)

Starting at $6,500

One AI feature or product (e.g. one chat interface, one API). Our team runs a hands-on assessment: custom prompts, multi-turn and context tests, and business-logic abuse. Prioritized report with proof-of-concept prompts.

  • Custom attack design for your use case
  • Multi-turn & context-window testing
  • Integration & data-flow review
  • Prioritized report + remediation

Hands-on (multi-scope)

Starting at $14,000

Multiple models, APIs, or chat products. Deeper coverage and optional grey-box access (e.g. docs, staging). Good for product suites or pre-compliance (SOC 2, etc.).

  • Multiple targets & models
  • Grey-box & documentation review
  • Compliance-oriented deliverables
  • Detailed report + optional retest

Enterprise / custom

Custom

Full scope, red-team style, or compliance-focused (e.g. PCI, vendor questionnaires). Tailored scope and deliverables.

  • Custom scope & timeline
  • Dedicated contact & retest


Load testing

One automated option (one run per credit) and hands-on engagements. We run load tests against your app or API and deliver a report with throughput, latency, and recommendations.

Load test (automated)

Per run

One automated load test run. Enter your target URL in the dashboard; we run the test and deliver a report. Purchase credits in Settings → Billing; one credit per run.

  • Throughput & latency under load
  • Target URL (app or API endpoint)
  • Report with recommendations
  • Create runs from Load testing in dashboard

Basic (hands-on)

Fixed price

1–2 days, single app or API. Our team runs the load test and delivers a report with baseline metrics and recommendations.

  • Single target (app or API)
  • Throughput, latency, error rate
  • Prioritized report & remediation

Standard (hands-on)

Fixed price

3–5 days, multiple scenarios. Performance baseline, stress and soak tests, and a detailed report with recommendations.

  • Multiple scenarios & endpoints
  • Stress & soak testing
  • Detailed report + optional retest

Enterprise (hands-on)

Custom

Full assessment, SLA, and ongoing support. Tailored scope and deliverables for large or compliance-focused engagements.

  • Custom scope & timeline
  • Dedicated contact & retest
