What is Agent-as-a-Service pentesting?

Agent-as-a-Service (AaaS) pentesting lets you chat with autonomous pentesting agents that scan your application on demand. Instead of waiting weeks for a manual engagement, you talk to specialized agents — pen-scout (recon and surface mapping), pen-recon (deeper enumeration), pen-triage (validates and prioritizes findings), pen-fixer (remediation guidance), and pen-compliance (OWASP/standards mapping). Findings are validated with proof-of-concept and re-test, not just flagged. You start with 150 free credits, no credit card.

What are credits and how do they work?

Credits are how you run agent scans. Each scan or agent action consumes credits based on its depth. New accounts get 150 free credits with no card required. After that you can buy one-time credit packs ($29, $79, or $199) for pay-as-you-go use, or subscribe to a monthly tier ($49, $149, or $399/mo) for continuous, on-demand pentesting. The agents pen-scout, pen-recon, pen-triage, pen-fixer and pen-compliance all draw from the same credit balance.

Yes. Every new account gets 150 free credits with no credit card required — enough to chat with the pentesting agents and run real scans against your app. There is also a free security headers scan at sable.somoswilab.com/free-scan and a sample report at sable.somoswilab.com/sample-report. The free tier runs on OpenRouter models so you can evaluate the autonomous agents before paying.

What is penetration testing for startups?

Penetration testing (pentesting) is a simulated cyberattack against your application to find security vulnerabilities before real attackers do. For startups, we focus on the issues that matter most at your stage: authentication flaws, data exposure, API security, and common mistakes in modern stacks like Next.js, Supabase, and Firebase.

How much does a pentest cost?

Traditional pentests cost $10,000-$50,000+. SableOffensive starts at $29 for a Pre-Launch Check covering OWASP Top 10 and secrets detection. Founder Shield ($79) adds IDOR testing, auth bypass, and a debrief call. Scale Secure ($199) is a full-scope assessment. Every plan includes a professional report with remediation steps.

How long does a security scan take?

Pre-Launch Check reports are delivered within 24-48 hours. Founder Shield and Scale Secure may take 2-3 business days depending on the complexity of your application.

What do I need to provide?

At minimum, just your application URL. For more comprehensive testing, we may ask for staging credentials, API documentation, or GitHub repository access. We sign NDAs for all engagements.

What is OWASP Top 10?

OWASP Top 10 is the industry standard list of the most critical web application security risks. It includes injection attacks, broken authentication, cross-site scripting (XSS), server-side request forgery (SSRF), and security misconfigurations. Every SableOffensive assessment tests against the full OWASP Top 10.

Do you test AI-generated code?

Yes. Code generated by AI tools like Cursor, GitHub Copilot, and v0 often contains subtle security issues: hardcoded secrets, missing input validation, insecure API patterns, and overly permissive access controls. We have specific testing procedures for AI-generated codebases.

How do you secure Supabase and Firebase apps?

For Supabase, we audit Row Level Security (RLS) policies, test for direct table access, and check for exposed service keys. For Firebase, we review security rules, test Firestore/RTDB access patterns, and check Cloud Functions for vulnerabilities.

What if you find zero vulnerabilities?

50% money back guarantee. If our scan finds zero security issues, you get half your money back.

Is there a free pentesting option?

Yes. SableOffensive offers a free security headers scan at sable.somoswilab.com/free-scan. It instantly checks your website for 8 critical security headers (HSTS, CSP, X-Frame-Options, and more) and gives you an A-F grade with copy-paste fixes. No signup or payment required.

Can I get a free vulnerability scan?

Our free security headers check scans your website instantly and grades your security posture. For a deeper free assessment, contact us — we occasionally offer complimentary scans for early-stage startups and open source projects.

FREE SCAN — 150 founder credits, no card

Free Security Scan for Your Stack

Find real vulnerabilities before someone else does. Sable’s autonomous pentesting agents scan your app for exposed secrets, misconfigurations, and the full OWASP Top 10 — and validate every finding with a proof-of-concept. Pick your stack or the vulnerability you’re worried about.

Start Free Scan — 150 Credits Instant Headers Check

Scan by Stack

Targeted checks for the stack you actually ship on.

Next.js

Scan your Next.js app for the misconfigurations that ship fastest.

React

Scan your React SPA for client-side secret leaks and XSS.

Vue

Scan your Vue / Nuxt app for client-side leaks and injection.

Supabase

Scan your Supabase app for RLS gaps and exposed service keys.

Vercel

Scan your Vercel deployment for exposed config and missing headers.

Node.js

Scan your Node.js backend for injection, SSRF, and dependency CVEs.

Express

Scan your Express API for broken auth, CORS, and missing hardening.

Django

Scan your Django app for DEBUG leaks, SSTI, and exposed admin.

Flask

Scan your Flask app for debug-mode RCE, SSTI, and weak sessions.

FastAPI

Scan your FastAPI service for exposed docs, broken auth, and IDOR.

Ruby on Rails

Scan your Rails app for mass assignment, SQLi, and exposed credentials.

Laravel

Scan your Laravel app for .env exposure, debug leaks, and mass assignment.

AI-Generated (Vibe-Coded)

Scan your AI-generated app for the security gaps LLMs ship by default.

WordPress

Scan your WordPress site for vulnerable plugins and exposed admin.

Scan by Vulnerability

Worried about one specific issue? Start there.

Exposed API Keys

Scan your app for leaked API keys, tokens, and secrets.

Wildcard CORS

Scan your API for dangerous Cross-Origin Resource Sharing config.

Missing CSP

Scan your site for a missing or weak Content-Security-Policy.

SQL Injection

Scan your app for SQL injection in queries and APIs.

Exposed OpenAPI / Swagger

Scan for publicly exposed API docs that map your whole backend.

Weak TLS

Scan your TLS config for deprecated protocols and weak ciphers.

What Every Sable Scan Checks

Exposed secrets & API keys

We scan your client-side bundles and responses for leaked API keys, tokens, database URLs, and 100+ secret patterns that ship to the browser by accident.

Security headers & TLS

HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy, and TLS protocol/cipher configuration — graded A-F with copy-paste fixes.

CORS & access control

Overly permissive CORS, wildcard origins with credentials, and broken object-level authorization (IDOR/BOLA) where one user can reach another user's data.

Injection & API surface

SQL/NoSQL injection, exposed OpenAPI/Swagger specs, GraphQL introspection, mass assignment, missing rate limits, and excessive data exposure.

OWASP Top 10 coverage

Autonomous pentesting agents test against the full OWASP Top 10 2025, validate each finding with a proof-of-concept, and re-test after you fix.

Validated findings, not noise

Every reported issue is confirmed by an agent before it reaches you — so you get real, exploitable findings with severity and remediation, not scanner spam.

Start Your Free Scan

150 founder credits, no credit card. Point the agents at your app and get validated findings with proof-of-concept and fix guidance.

Get 150 Free Credits