Documentation

How to use this UI foundation, where each route lives, and how scans relate to the paid report plan.

What is PenTest Bot UI Foundation?

This Next.js app is an isolated UI sandbox for PenTest Bot: marketing pages, Supabase email login, a dashboard-style feed, zero-cost URL checks, and pricing flows for the $99 report plan and $999 scale tier.

Authentication

Sign-in uses Supabase email/password. Set NEXT_PUBLIC_SUPABASE_URL and NEXT_PUBLIC_SUPABASE_ANON_KEY (see .env.local in the project root). After login, users land on the dashboard feed.

Routes

/ — Marketing landing

/auth/login — Sign in

/dashboard — Feed and zero-cost checks (after login)

/free-security-check — Full URL surface scan UI (after login)

/reports — Pentest & report delivery ($99 funnel)

/pricing — Plan overview

/pricing/starter-99 — $99 report plan details

/pricing/scale-999 — Scale plan

/docs — This page

Zero-cost scan vs $99 report

The URL surface scan is a shallow, client-side preview for UX. It does not replace a full engagement. The $99 PenTest Bot Report plan is described as delivering a complete PDF, email copy, full finding register, remediation ordering, and optional mutual NDA—see /pricing/starter-99.

Scan URL policy

Users must enter their own domain. Placeholder hosts such as example.com are rejected so that an accidental press of Enter does not start a meaningless scan.
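
One way to implement the policy above, as an added example that is not PenTest Bot's own code. The function name, the reason codes, and the choice to also reject IP literals, single-label hosts and URLs with embedded credentials are assumptions; the reserved names come from RFC 2606 and RFC 6761.

```javascript
// Added example; not PenTest Bot's own code. All names here are hypothetical.
// Names reserved for documentation and testing by RFC 2606 / RFC 6761.
const PLACEHOLDER_DOMAINS = ["example.com", "example.net", "example.org"];
const PLACEHOLDER_TLDS = ["example", "test", "invalid", "localhost"];

function validateScanUrl(input) {
  const raw = String(input ?? "").trim();
  if (raw === "") return { ok: false, reason: "empty" };

  // Accept a bare host by assuming https; keep any explicit scheme as typed.
  const candidate = /^[a-z][a-z0-9+.-]*:\/\//i.test(raw) ? raw : `https://${raw}`;
  let url;
  try {
    url = new URL(candidate);
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { ok: false, reason: "scheme" };
  }
  // "https://example.com@other.host" displays one host and resolves to another.
  if (url.username || url.password) return { ok: false, reason: "userinfo" };

  // URL already lowercases the host and converts IDNs to punycode;
  // drop the trailing root dot so "example.com." compares equal.
  const host = url.hostname.replace(/\.$/, "");
  const labels = host.split(".");
  const tld = labels[labels.length - 1];

  // IPv4 (after the parser's numeric normalisation) or IPv6 literal.
  if (/^\d+$/.test(tld) || host.startsWith("[")) {
    return { ok: false, reason: "not-a-domain" };
  }
  const placeholder =
    PLACEHOLDER_TLDS.includes(tld) ||
    PLACEHOLDER_DOMAINS.some((d) => host === d || host.endsWith(`.${d}`));
  if (placeholder) return { ok: false, reason: "placeholder" };
  if (labels.length < 2) return { ok: false, reason: "not-a-domain" };

  return { ok: true, host };
}
```

A check like this in the browser only shapes the form's behaviour; a backend that accepts a scan target has to repeat it.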

Integrations

PenTest Bot is designed to notify you in the tools you already use. Wire your backend to post into Slack, Microsoft Teams, Jira, GitHub/GitLab checks, Azure Pipelines, and GRC tools (Drata, Vanta) when findings change. This UI foundation shows the in-app feed; each integration is a configuration surface you add in your deployment.

For product trust and compliance language (NDA, confidentiality), see the $99 plan page and Trust on the landing page.