Authorized security testing

Know your exposure before someone else does.

Bug Circuit shows you what attackers already see about your domain: the subdomains, the tech stack, the misconfigurations they poke at first. Then our team goes hunting for the bugs that actually matter.

Passive recon only. No login, and no impact on your site. Deeper testing needs domain verification.

10+ OSINT sources No login required Results in seconds
passive recon
complete
acme-corp.com
0 subdomains · 0 technologies
B+
0
Critical
0
High
0
Medium
0
Low
api.acme-corp.comCDN104.18.22.4
mail.acme-corp.com172.66.0.19
staging.acme-corp.comCDN104.18.22.4
+ 9 more subdomains unlock in the full report
How it works

From domain to defensible in three steps

A funnel built around one rule: we never test what you haven't proven you own.

01

Enter your domain

The moment you hit enter we run passive OSINT: subdomains, technologies, DNS and email posture. No login, and no impact on your site.

02

Prove you own it

Verify by email, DNS, a file, or a meta tag. We never run active testing until you have proven the domain is yours.

03

Get your findings

A free severity breakdown to start, then detailed findings and real human pentesting once you upgrade.

Capabilities

Everything an attacker sees, and what to do about it

Fast recon maps the surface. Then a real person tests it by hand and tells you exactly what to fix.

Subdomain discovery

We pull from ten passive sources like CT logs, passive DNS, urlscan and Wayback, then merge them and resolve what is actually live.

Technology fingerprint

Server, framework, CDN or WAF, and analytics, all read from a single request to your homepage.

DNS & email posture

A/AAAA records, mail and DNS providers, SPF and DMARC. These are the gaps attackers probe first.

Free critical check

Verify your domain and our team checks it by hand, then tells you yes or no whether it has any critical bugs. No card, no catch.

A real person audits it

Our team hunts your site by hand, writes up every issue, and on Signal we fix the high and critical ones for you.

Realtime status

Watch a request move from received to report-ready, live. You never have to hit refresh.

Pricing

One domain. One clear price.

Start with a free critical-bug check. Upgrade when you want the full report, or the full report plus fixes and ongoing cover for as long as you need it.

Pulse

Is your site exposed? Find out.

$0free
  • 1 domain
  • Manual critical-bug check by our team
  • A straight yes or no answer
  • Standard queue · no report, no card
Scan free
  • Covers one domain that you have verified you own.
  • A member of our team reviews it by hand — there is no automated scanner.
  • You get a single answer: does your site have any critical bugs, yes or no.
  • Free checks sit in our standard queue and are not prioritised.
  • No written report and no severity breakdown are included.
  • No card is needed, and you can upgrade any time to see the detail.
Circuit

A deep audit, done by hand.

$49one-time
  • 1 domain
  • A person audits your whole site
  • Full written report of every bug we find
  • Premium support + a real contact
Get Circuit
  • Covers one domain that you have verified you own.
  • A security engineer manually audits your whole site, by hand.
  • You receive a full written report of every vulnerability we find.
  • Each finding comes with its severity, the evidence, and a clear fix.
  • This is a one-time engagement with no ongoing monitoring.
  • Includes premium support and a named person from our team as your contact.
Most popular
Signal

We find it, we fix it, we watch it.

$2993 months

Extend in 3-month blocks. +$36 per extra 3 months.

  • 1 domain
  • Full manual audit + report
  • We fix every high and critical for you
  • Security cover as you ship updates
  • Premium support + a real contact
Get Signal
  • Covers one domain that you have verified you own.
  • The same full manual audit and written report as Circuit.
  • We fix every high and critical issue for you, not just report it.
  • Includes 3 months of security cover so we watch your app as you ship updates.
  • Extend the cover in 3-month blocks whenever you need longer.
  • Includes premium support and a named person from our team as your contact.
FAQ

Questions, answered

Is this legal? Are you allowed to scan my site?

The free recon is completely passive. It reads public sources like certificate logs, DNS and a single homepage request, and never attacks your site. Anything active is gated behind proof that you own the domain, plus a recorded Authorization to Test.

Will scanning affect my website?

No. Passive reconnaissance puts no meaningful load on your infrastructure. Active testing only runs after you verify ownership and explicitly authorize it, and always within an agreed scope.

How do I prove I own a domain?

Four ways: a one-time code to a role address on your domain (recommended), a DNS TXT record, a file at /.well-known, or a meta tag on your homepage.

What do I get for free?

The free Pulse check gives you one thing: a straight yes or no on whether your site has any critical bugs right now. It does not include the report. If you want the full list of what we found and how to fix it, that is what Circuit and Signal are for.

What's the difference between Circuit and Signal?

Circuit ($49, one-time) is a manual audit: a person goes through your whole site by hand and hands you a full written report of every vulnerability. Signal ($299) does that same audit, then we fix the high and critical issues for you and keep your app secure for three months as you ship updates. You can extend the cover whenever you like.

Do you use automated scanners to test my site?

The recon that maps your surface is automatic and passive. The actual security testing is done by a person, by hand. Real bugs get found by someone who understands your app, not a scanner firing templates at it.

Isn't a $49 audit just an automated scan with a fancy name?

Fair question — a lot of cheap "pentests" are exactly that. Ours is not. We keep the price low by scoping each audit to a single domain and doing focused manual work, not by running a scanner and relabelling the output. A named person reviews your site by hand and writes up what they actually found. If it were an automated scan, we would say so.

Do you actually fix the vulnerabilities, or just hand me a report?

On Circuit ($49) you get the full report so you or your developer can fix things. On Signal ($299) we go further and fix the high and critical issues for you, then keep watching your site for three months as you ship changes. Most audits stop at the report — we can take it all the way to fixed.

What's the difference between a vulnerability scan and a penetration test?

A vulnerability scan is a tool that checks your site against a list of known issues — fast, cheap, and it misses anything that needs human reasoning, like broken access control or business-logic flaws. A penetration test is a person actively trying to break in the way a real attacker would. Bug Circuit is the second kind: a manual, human test, just at a price a small business can afford.

Can you audit my WordPress, Shopify, or WooCommerce site?

Yes. We test the parts you control — your themes, plugins, custom code, configuration, checkout and access controls — which is where almost every real-world small-business breach starts. We work on any web stack; WordPress and e-commerce sites are some of the most common ones we look at.

Do paid plans come with support?

Yes. Both Circuit and Signal include premium support and a real person from our team as your point of contact, not a shared inbox.

See what attackers see. Today.

Run a free passive recon on your domain in seconds, then decide how deep you want to go.