Security for AI-built products

You build.
We secure.

Security audits designed for the AI development era. Your agent can request audits via API, or submit a request yourself. Multi-agent scanning with CVSS-scored reports.

API Documentation Request Audit
POST /api/audit-request 
// Your agent requests a security audit
{
  "target_url": "https://your-app.com",
  "scan_type": "full",
  "callback_url": "https://your-app.com/webhook",
  "contact_email": "[email protected]"
}

// Response
{
  "status": "accepted",
  "audit_id": "aud_7x9k2m",
  "agents_assigned": 5
}
55+
Vulnerabilities found
5
Parallel scanning agents
~10 min
Average scan time
7
Critical findings
For agents

Integrate security into your pipeline

No UI required. Send a POST request with your target, receive a structured vulnerability report via webhook. JSON in, JSON out.

POST /api/audit-request 
{
  "target_url": "https://your-app.com",
  "scan_type": "full" | "quick" | "contracts",
  "callback_url": "https://your-app.com/webhook",
  "contact_email": "[email protected]",
  "agent_name": "BuilderBot/1.0",
  "services": ["web", "api", "infra", "contracts"],
  "priority": "standard" | "high"
}
200 Response 
{
  "status": "accepted",
  "audit_id": "aud_7x9k2m",
  "estimated_time": "10-15 minutes",
  "agents_assigned": 5,
  "report_url": "https://0xaudit.com/r/aud_7x9k2m",
  "pricing": {
    "plan": "agent",
    "amount": 300,
    "currency": "USD"
  }
}
WEBHOOK Callback on completion 
{
  "event": "audit.completed",
  "audit_id": "aud_7x9k2m",
  "summary": {
    "total": 27,
    "critical": 2,
    "high": 5,
    "medium": 11,
    "low": 9
  },
  "report_url": "https://0xaudit.com/r/aud_7x9k2m",
  "report_pdf": "https://0xaudit.com/r/aud_7x9k2m.pdf"
}
GET /api/pricing 
{
  "plans": [
    { "id": "quick",      "price": 0    },
    { "id": "agent",      "price": 300  },
    { "id": "pro",        "price": 2000 },
    { "id": "enterprise", "price": 5000,
      "note": "starting price" }
  ],
  "currency": "USD"
}

No SDK or API key required. Send a POST request, receive an audit. Webhook notification on completion. Full API reference is available below.

Services

Your AI agent builds fast.
We verify it's secure.

AI-generated code introduces security blind spots at scale. We identify vulnerabilities before they reach production.

AI Agent Security

Prompt injection resistance, API key exposure, data leakage through responses, authentication and authorization flow testing.

Web Application & API

Full-stack security assessment. REST and GraphQL endpoints, injection vectors, CORS, security headers, SSL/TLS, rate limiting.

Smart Contract Audit

Solidity and EVM bytecode analysis using Slither and Mythril. Reentrancy, integer overflow, access control, economic attack vectors.

Infrastructure

Network reconnaissance, cloud misconfiguration detection, container security, exposed services, DNS enumeration.

Continuous Monitoring

Ongoing automated scanning of your attack surface. Alerts on new vulnerabilities, configuration drift, and exposed assets.

A2A Integration

Agent-to-agent protocol support. Your build agent can trigger audits, receive results, and act on findings — no human in the loop.

Process

01

Scope

Submit via form or API. Define targets, services, and priority.

02

Scan

Five specialized agents scan in parallel — web, API, infrastructure, contracts, OSINT.

03

Report

CVSS-scored findings with proof-of-concept and remediation guidance.

04

Verify

Apply fixes. We re-scan to confirm remediation.

Results

Recent engagements

Representative findings from client assessments.

Stratwise

AI Trading Platform · stratwise.ai

27

vulnerabilities identified

5 Critical 5 High 11 Medium 6 Low

Authentication bypass, API key exposure, missing rate limiting, and insecure direct object references across the trading API.

NovaWallet

Crypto Wallet · app.novawallet.org

28

vulnerabilities identified

2 Critical 7 High 12 Medium 7 Low

Smart contract vulnerabilities, web application misconfigurations, and infrastructure issues across the full deployment stack.

Pricing

Plans

Same pricing for API and manual requests. Agents can query plans via GET /api/pricing

quick

Free
  • + Headers and SSL check
  • + CORS analysis
  • + Basic misconfigurations
  • + Instant results
  • - Deep scanning
Start free

agent

$300
  • + Full automated scan
  • + 5 parallel agents
  • + CVSS-scored report
  • + API and web audit
  • + 1 re-scan
Get audit
Recommended

pro

$2,000
  • + Manual + automated testing
  • + Smart contract audit
  • + Infrastructure pentest
  • + Prompt injection testing
  • + 3 re-scans
Get started

enterprise

$5,000+
  • + Continuous monitoring
  • + Unlimited targets
  • + Dedicated agent team
  • + SLA and priority support
  • + Custom integrations
Contact us
API Reference

Documentation

Base URL: https://0xaudit.com

POST /api/audit-request Submit a new audit request

Request body

{
  "target_url": "string",       // required
  "scan_type": "string",        // "quick" | "full" | "contracts"
  "callback_url": "string",     // webhook endpoint
  "contact_email": "string",    // report delivery
  "agent_name": "string",       // optional identifier
  "services": ["string"],       // web, api, infra, contracts, osint
  "priority": "string"         // "standard" | "high"
}

Response 200

{
  "status": "accepted",
  "audit_id": "aud_7x9k2m",
  "estimated_time": "10-15 minutes",
  "agents_assigned": 5,
  "report_url": "https://0xaudit.com/r/{audit_id}",
  "pricing": {
    "plan": "agent",
    "amount": 300,
    "currency": "USD"
  }
}
GET /api/audit/{audit_id} Check audit status 
{
  "audit_id": "aud_7x9k2m",
  "status": "in_progress" | "completed" | "failed",
  "progress": 72,
  "agents_active": 3,
  "findings_so_far": 14
}
GET /api/audit/{audit_id}/report Retrieve full report 
{
  "audit_id": "aud_7x9k2m",
  "target": "https://your-app.com",
  "completed_at": "2025-01-15T10:32:00Z",
  "summary": {
    "total": 27,
    "critical": 2,
    "high": 5,
    "medium": 11,
    "low": 9
  },
  "findings": [
    {
      "id": "VLN-001",
      "severity": "critical",
      "cvss": 9.8,
      "title": "Authentication Bypass via JWT",
      "description": "...",
      "remediation": "...",
      "proof_of_concept": "..."
    }
  ],
  "report_pdf": "https://0xaudit.com/r/aud_7x9k2m.pdf"
}
GET /api/pricing Current pricing plans 
{
  "plans": [
    {
      "id": "quick",
      "price": 0,
      "name": "Quick Scan",
      "includes": ["headers", "ssl", "cors", "basic_misconfigs"]
    },
    {
      "id": "agent",
      "price": 300,
      "name": "AI Agent Audit",
      "includes": ["full_scan", "5_agents", "cvss_report", "1_rescan"]
    },
    {
      "id": "pro",
      "price": 2000,
      "name": "Professional",
      "includes": ["manual", "contracts", "infra", "prompt_injection", "3_rescans"]
    },
    {
      "id": "enterprise",
      "price": 5000,
      "name": "Enterprise",
      "note": "starting price, contact for quote"
    }
  ],
  "currency": "USD"
}

Quick start

terminal
# Submit an audit
curl -X POST https://0xaudit.com/api/audit-request \
  -H "Content-Type: application/json" \
  -d '{
    "target_url": "https://your-app.com",
    "scan_type": "full",
    "contact_email": "[email protected]"
  }'

# Check status
curl https://0xaudit.com/api/audit/aud_7x9k2m

# Get report
curl https://0xaudit.com/api/audit/aud_7x9k2m/report

# Get pricing
curl https://0xaudit.com/api/pricing
Contact

Request an audit

For programmatic access, use POST /api/audit-request