UNPWNED
Scan your site for vulnerabilities. Fix them with AI
Details
- Target Audience
- DevelopersDevOps EngineersIndie Hackers
- Pricing
- Freemium
- Platforms
- Web
About UNPWNED
UNPWNED is a passive web security scanner for indie hackers, vibe coders, and developers shipping AI-built apps. It scans your domain across 700+ security checks in under 2 minutes and detects leaked API keys, open endpoints, missing security headers, SSL/TLS issues, exposed config files (.env, credentials.json, SSH keys), Supabase/Firebase RLS misconfigurations, DNS auth gaps (DNSSEC, SPF, DKIM, DMARC), open API routes, dependency CVEs, and more. What makes it different: every finding ships with a copy-paste AI Fix Prompt tailored for Cursor, Claude, ChatGPT, GitHub Copilot, Lovable, Bolt, Replit, and v0. Scanner findings turn into one-shot fixes. Connect your GitHub repos for scheduled scans that detect 34+ secret patterns, vulnerable dependencies, and exposed config files, with auto-issue creation in your repo. Free to start (2 scans/month). Pro from $9/mo.
Product Insights
UNPWNED provides a web-based security scanning platform that combines 700+ security checks with AI-assisted remediation workflows for developers. The service integrates with GitHub to automate vulnerability detection across repositories and live domains.
- Rapid scanning performance completing over 700 security checks in under 2 minutes.
- Integrated AI Fix Prompts tailored for popular coding assistants like Cursor, Claude, and GitHub Copilot.
- Freemium pricing model starting at two scans per month with a low-cost $9 per month Pro tier.
- Broad detection scope covering 34+ secret patterns, API vulnerabilities, and DNS configuration gaps.
Ideal for: Developers, DevOps Engineers, and Indie Hackers who need to automate security testing and receive actionable fixes for AI-built applications.
Discount Codes
15% off for new subscribers(-15% OFF)
Valid until Jul 1, 2026
Screenshots
Reviews (2)
Average 4.0 out of 5
Based on 2 reviews
Beast of a site!
I like the idea but the problem I faced was that it didnt fully understand the context. For instance it gave my site a D, but a big part i think was because of allow inline scripts but its not an issue and its something i know about. It did tell me about DNSSEC though so that was good
Comments (3)
AI-powered vulnerability scanning with guided fixes is a much-needed tool for site security.
@chaudharyarun5797 Appreciate it! That’s exactly the pain we’re trying to solve, making security issues clear, actionable, and fixable without needing deep security expertise.
How did you come up with this?
@anshulmitra Honestly, it came from seeing how many websites have security gaps that go unnoticed until something breaks or gets exploited. We wanted UNPWNED to make security scanning simple: scan a domain, understand the risks, and get gui
Built UNPWNED after seeing too many sites get breached over basic misconfigurations. Scan your domain across 500+ security checks in minutes. Use code UN30-OFF for 30% off.