Automated security scanning for web applications.
30+ parallel checks. AI-powered findings. Fix prompts for your IDE.
UNPWNED scans live websites for real security vulnerabilities and generates actionable fix instructions. Paste a URL, get a scored security report in under 5 minutes.
- 30+ security checks run in parallel: SSL/TLS, headers, exposed secrets, DNS, CORS, open ports, cookies, malware, Supabase RLS, API auth
- GitHub repo scanner detects 34 hardcoded secret patterns across your codebase
- AI-powered findings with severity scoring and plain-English explanations
- Fix prompts tailored to your IDE: Claude, Cursor, Bolt, Lovable, Copilot, and 10 more
- Continuous monitoring with daily/weekly scans and Slack/Discord alerts
- Security score tracking over time to catch regressions before users do
1. Paste your URL --> 30+ scanners run in parallel
2. AI analyzes results --> Severity-scored findings with business impact
3. Copy fix prompt --> Paste into Claude/Cursor/Bolt and ship the fix
| Layer | Stack |
|---|---|
| Frontend | Next.js 16, React, TypeScript, Tailwind CSS |
| Backend | Supabase (RLS on every table), Neon Serverless |
| AI | Claude API (Anthropic) for analysis and fix generation |
| Infra | Vercel, Cloudflare (WAF/DDoS), Resend (email) |
| Security | HMAC webhook verification, rate limiting, honeypot system, SSRF guard |
| Payments | Freemius (merchant of record) |
| Project | What it does |
|---|---|
| UNPWNED | AI security scanner for web applications |
| Quor | Quote generation with legally-binding digital signatures |
| FlowEco | Financial management platform (Hebrew market) |