Continuous vulnerability scanning, attack surface intelligence, and self-learning AI analysis. Verification Engine eliminates false positives. Compliance mapping for NIS2, ISO 27001, and OWASP. AI agent ready via MCP — hosted in Sweden.
Free passive security check — no account required
Automated vulnerability scanning, external attack surface management, and AI analysis — built and hosted in Sweden.
Automated daily scans using 30+ professional tools including Nuclei, Nmap, Nikto, and SQLMap. Covers OWASP Top 10, known CVEs, misconfigurations, and exposed services.
Continuous discovery of subdomains, IP addresses, open ports, and technologies. External attack surface management (EASM) that maps your full exposure.
Every scan runs through a 4-pass AI pipeline: triage, correlation, deep analysis, and executive reporting. Identifies attack chains, lateral movement paths, and generates audit-grade reports with CVSS justification — delivered daily via email and dashboard.
Continuous monitoring of 25+ cloud services for dangling DNS records — AWS S3, Azure, GitHub Pages, Heroku, Netlify, Shopify, and more. Instant alerts when a subdomain becomes vulnerable to takeover.
Connect Claude Code, Cursor, Windsurf, or any MCP-compatible AI assistant directly to your security dashboard. Manage targets, trigger scans, and review findings through natural language — your AI agent becomes your security analyst.
Four built-in profiles: Vibecode Audit for AI-built apps, Standard Pentest for thorough testing, Stealth Scan for production systems, and Passive Recon for zero-touch analysis. Create custom profiles for specific needs.
Scan templates auto-update daily with the latest CVEs, zero-days, and novel attack techniques from the security community. AI correlates findings into attack chains and identifies lateral movement paths unique to your infrastructure.
Deploy lightweight scan agents inside your network for internal vulnerability scanning. Outbound-only connections — no inbound firewall rules needed. Docker one-liner deployment with enterprise-grade encryption.
Automated daily screenshots and deep content analysis. Self-learning AI baseline detects injected scripts, defacement, removed security headers, and unauthorized changes — not routine content updates.
Automatically map scan findings to NIS2 Directive, ISO 27001 Annex A, and OWASP Top 10 controls. See which requirements you meet, which need attention, and track compliance score over time.
Our platform is built around three core engines that work together to deliver verified, actionable findings.
Self-learning false positive elimination. Cross-references findings across tools, detects SPA catch-all patterns, and improves with every scan cycle. Only real vulnerabilities reach your dashboard.
Maps relationships between discovered assets — subdomains, IPs, technologies, and services. Understands your attack surface topology to prioritize findings by actual reachability and business impact.
Autonomous AI agents run a 4-pass analysis pipeline on every scan. Triage, correlation, deep analysis, and executive reporting — producing plain-language reports your team can act on immediately.
Enter your domains and we automatically discover subdomains, open ports, and exposed services across your attack surface.
30+ security tools run daily scans — vulnerability detection, web application testing, SSL analysis, and subdomain takeover checks. Scan templates auto-update with the latest CVEs and zero-days.
AI analyzes every finding and delivers plain-language reports with prioritized recommendations straight to your inbox.
Integrate vulnerability scanning into your CI/CD pipeline or connect your AI assistant via MCP. Queue on-demand scans, retrieve findings, manage targets programmatically, or let your AI agent handle it through natural language.
curl -H "Authorization: Bearer ps_live_..." \
https://pentesting.se/api/v1/scans \
-d '{"target": "example.com",
"profile": "standard"}'Detect unauthorized changes to your websites before your customers do. Our AI learns what normal looks like and alerts you when something suspicious appears.
Daily screenshots & full DOM analysis
AI baseline learning filters noise from real threats
Instant alerts via email or webhook
Tracks scripts, headers, forms, meta tags & more
AI-generated app vulnerabilities
Full web application security
WAF evasion, low-noise scanning
Zero-touch reconnaissance
All plans include daily scanning and AI-powered reports.
| Service | Daily scans | AI reports | Swedish | EASM | Profiles | Site monitoring | Price |
|---|---|---|---|---|---|---|---|
| Pentesting.se | From 249 SEK | ||||||
| Detectify | From $275/mo | ||||||
| Intruder | From $172/mo | ||||||
| Pentest-Tools | From $85/mo | ||||||
| Qualys | Custom |
Start a free trial — no credit card required.