Simple, transparent pricing.
Free
$0/ month
For trying it out
Get started- 3 scans per day
- Basic checks (headers, SSL, ports)
- Plain-English report
- AI fix prompt included
Most popular
Pro
$19/ month
For serious indie developers
Join waitlist- Unlimited scans
- All checks including frontend leaks, attack surface
- Platform-specific fixes (Next.js, Vercel, Railway)
- AI fix prompt with exact file paths
- Email alerts when your site changes
- API access
- Priority support
No credit card required for free tier. Cancel Pro anytime.
Frequently asked questions
What does the scanner actually check?
Open ports, SSL/TLS config, security headers, exposed paths, DNS misconfigurations, server fingerprinting, frontend leaks, and app attack surface — 8 categories total.
Is this safe to run on my site?
Yes. Marshell only makes the same requests a browser would make. No exploitation, no payload injection.
What's an AI fix prompt?
After every scan, Marshell generates a prompt you can paste directly into Claude Code, Cursor, or Copilot. It tells your AI exactly what's wrong and which files to edit.
Do you support non-Vercel deployments?
Yes — we detect your platform automatically. Vercel, Railway, Render, nginx, Apache, and more.