Pick your stack — $99 security audit, 24h delivery.

Same auditor, same $99, same 24h SLA. Active anon-probe confirms each leak before flagging. Pick the page that matches your stack:

Supabase
RLS gaps · public storage · SECURITY DEFINER · anon-grant residue
PocketBase
Default-rule wildcards · admin-API exposure · anonymous record reads
Appwrite
"any" role grants · public storage buckets · execute-functions exposed
Nhost / Hasura
Anonymous GraphQL · missing role permissions · subscription leaks
Firebase
Firestore rules · Realtime DB allow:true · public Storage · weak auth providers

More security audits

Stripe Webhook
Unsigned events · replay attacks · idempotency gaps
AWS S3 Bucket
Public buckets · ACL leaks · CORS wildcards · ListBucket exposed
GitHub Actions
Secret leaks in logs · pull_request_target gaps · supply-chain
@Perufitlife · MIT open source auditors for all five stacks