Plans

Pick the plan that fits your work.

Free scanning for everyone. Paid plans unlock PDF exports, API access, and higher scan limits.

Free

Free — always

No account required. Paste a URL and get an instant security report.

  • 50 scans/monthHTTP headers, TLS, DNS, cookies, cross-origin
  • A+ to F letter grade
  • Plain-English explanations for every finding
  • 20+ security checks per scan
  • PDF report export
  • Copy-paste fix recommendations
  • API access
Start scanning free →
Most popular

Pro

Built for freelancers

Everything you need to deliver client-ready security reports. One person, one business.

$7/month
  • Everything in Free
  • Branded PDF report exportExecutive summary, per-finding fixes, client-ready
  • Full fix recommendations per findingCopy-paste header values and DNS records
  • API access (REST)Coming soon — scan automation via API key
  • Priority email support
  • Multiple API keys / team seats
  • Bulk / scheduled scanning

Agency

Built for teams

Monitor multiple client domains automatically. Scheduled scans, emailed PDF reports, no manual work.

$28/month
  • Everything in Pro
  • 25 domains monitored
  • 500 scans/month10× Pro limit
  • Weekly or monthly scheduled scansRuns automatically — no manual trigger needed
  • Email PDF deliveryPDF report per domain, delivered to your inbox
  • Agency dashboardManage domains, view history, download PDFs

No subscription needed

One-Time Scan

Need just one full report? Pay once, get a complete Pro-level scan — all headers, TLS, DNS, cookies, cross-origin, and fix recommendations. No account required.

$2
one-time · scan link sent by email
Buy one scan →

One-time · No subscription

Compliance Report

Maps your scan results to OWASP Top 10, PCI-DSS v4.0, GDPR Article 32, and ISO 27001:2022. PDF with executive summary, per-framework pass/fail tables, CWE references, and prioritised fixes. Learn more →

$3
one-time · PDF emailed within 60 s
Get compliance report →

FAQ

Common questions

Do I need an account for the free tier?

No. Free scans require nothing — no login, no email, no API key. Paste a URL and go.

What payment methods are accepted?

India-based users pay via Razorpay (UPI, NetBanking, credit/debit card, wallets — INR). International users pay via LemonSqueezy (credit/debit card — USD). The checkout will automatically use the right option for your location.

Can I cancel any time?

Yes. Cancel at any time — no questions asked.

International (LemonSqueezy): Cancel self-serve at webaudit-in.lemonsqueezy.com/billing.
India (Razorpay): Use the cancel button in your Pro dashboard, or email hello@webaudit.in.

No future charges after cancellation is confirmed. See the Refund Policy for details.

Are PDFs stored on your servers?

No. PDFs are generated on demand and streamed directly to your browser. Nothing is saved server-side. See our Privacy Policy.

What does the PDF report look like?

It is a white, professional A4 document with an executive summary, per-finding severity labels, copy-paste fix recommendations grouped by priority, and a branded WebAudit cover. Designed to hand directly to a client without any additional editing.

What is the API?

A REST API you call with an API key header. POST /api/scan returns full JSON results. POST /api/report/pdf returns a PDF binary. Use it to integrate WebAudit into your own scripts, CI pipelines, or client portals.