← All website monitoring tools
Free Tier (20 options, 2026)
Tools with a free plan or always-free tier — perfect for solo projects, side businesses, or testing before committing to paid plans.
Most popular free open-source DAST scanner — active/passive web scanning, intercepting proxy, CI/CD integration.
Industry-standard pentest proxy — free Community for manual work, Pro $449/yr per user, Enterprise from $6,995/yr.
Developer-first SCA + SAST — Git/IDE/CI integration, generous free tier, paid Team from $25/dev/mo.
Online toolkit of 25+ pentest scanners (web, network, recon) — paid plans from $93/mo with unlimited scans.
Developer-DAST built on top of ZAP — CI-native, free tier, paid from $49/app/mo.
Industry-standard host/network vulnerability scanner — Essentials free for 16 IPs, Pro $3,590/yr.
Open-source vulnerability scanner descended from Nessus — free Community Edition, paid appliances for enterprise.
Template-driven fast scanner — community templates cover thousands of CVEs. Free CLI, paid managed cloud.
Long-running open-source web server scanner — checks 6,700+ dangerous files and outdated software.
Standard network discovery + port/service scanner — universal first step for any audit.
Open-source SIEM/XDR with file-integrity, vuln detection, compliance audit modules — also paid Wazuh Cloud.
Best-known WordPress/CMS malware scan + cleanup. Free SiteCheck, paid Platform from ~$199.99/yr per site.
WordPress endpoint security plugin — most installed WP firewall, paid Premium from $119/yr per site.
WordPress-specific vulnerability database + scanner — free CLI with optional API key.
WordPress + plugin CVE feed with virtual patching — paid plans from $5/site/mo.
Malware scanner with shellcode detection — free one-time scan, paid monitor from $20/mo.
Free public TLS/SSL grading service — de-facto standard for cipher and config audit.
Free HTTP security header grader — checks CSP, HSTS, X-Frame-Options, cookies.
AI-assisted DAST with free starter tier — paid plans from $99/mo, popular with SMB SaaS.
DAST + dark-web monitoring + compliance reporting — free public tests, paid quote-based platform.
Tips for free tools
- Free tiers typically limit you to a few sites or basic features.
- Self-hosted free options give unlimited but require server admin.
- Watch for hidden caps on free tiers (data, regions, retention).