See the real difference. We ran both tools on example.com
to show you exactly what Pro customers get.
$0 - Lead capture teaser
Included with Pro ($8,000/mo)
CLI queries crt.sh to find ALL subdomains that ever had SSL certificates issued - not just common prefixes.
m.example.com, products.example.com, support.example.com - none are in typical wordlists.
CLI detected that example.com (23.215.0.136) is directly exposed while www is behind Cloudflare.
| Capability | Free Web Scan | Self-Check CLI (Pro) |
|---|---|---|
| Subdomain Discovery | 12 common prefixes | 500+ via Certificate Transparency |
| CDN Detection | 6 providers (headers) | 12 providers + CNAME chain analysis |
| WAF Detection | No | 8 providers (Cloudflare, Imperva, F5...) |
| API Gateway Detection | No | 4 providers (Kong, Apigee, AWS, Azure) |
| Service Mesh Detection | No | 4 providers (Envoy, Istio, Linkerd) |
| Multi-layer Analysis | No | CDN → WAF → LB → Origin |
| Origin Exposure Detection | Basic | Full IP + direct access testing |
| Risk Scoring | Simple (Low/Med/High) | 1-10 scale with findings breakdown |
| Output Formats | Web UI only | JSON, HTML, Markdown |
| CI/CD Integration | No | GitHub Actions, cron jobs |
| Local/Offline Scans | No | Unlimited |
The free scan is a teaser. For comprehensive DDoS vulnerability assessment with full subdomain discovery, upgrade to Pro.