One-site report
$49
One website. Header scan, SSL check, CORS review, directory probe, ranked findings, and a dev-handoff block per fix. The honest place to start.
Start here Pricing
Start with one site. See if it's worth it.
I run an OWASP-aligned external check on your site, then hand you a short report with ranked findings and developer-ready fixes. No fearmongering, no jargon, no upsell.
Multi-site pack
$199
Up to 5 sites or locations on the same scan profile. Built for restaurant groups, small agencies, and local chains running multiple storefronts.
Get the packMonthly monitor
$29/mo
I re-scan every month and email you what changed: new warnings, broken links, redirect drift, and anything that wasn't there last time.
Set it upRequest a scan
Fill this out and the request lands in my inbox. About 60 seconds. I confirm scope before touching anything.
No password or login needed
No admin access for the basic report
A written scope first if we go deeper
Before you send your URL
The usual questions, answered.
What do you actually need from me?
Your business name, website URL, contact email, and a checkbox confirming you have permission to request the scan.
Is this a full pentest?
No. The $49 report is an outside-only scan covering SSL, headers, CORS, and exposed paths. Anything deeper (authenticated testing, business logic, code review) needs a written scope and signed authorization first.
What happens after I hit send?
I confirm the scope by email, run the scan, and send you a short report with ranked findings and a dev-handoff block for each one.
What if my site isn't really broken?
You still get the report. It'll say so, point out the polish items, and skip the made-up problems. I'd rather earn the next scan than oversell this one.