Cost Estimator

Estimate your penetration test cost

Other providers generate an instant number from an algorithm, then hide it behind an email wall. We give you an honest indicative range drawn from real engagement data, open and visible with no form to fill.

Select your testing type, answer a few quick questions about scope, and see a transparent price range. A fixed-price quote follows a short scoping call.

Interactive Estimator

Estimate the cost of your penetration test

Select a service type, answer the scope questions, and see an indicative price range. All ranges are drawn from real engagements and are consistent with our published pricing.

Step 1. Select your testing type

Step 2. Tell us about your scope

Is the application authenticated, and how many user roles will be tested?

How would you describe the application?

Roughly how large is the application?

Approximately how many pages are on the site?

Does the site use bespoke or custom-developed code?

Does the site have a login or member area to test?

How many API endpoints are in scope?

What type of API?

Is the API authenticated, and how many roles will be tested?

How many hosts or IP addresses are in scope? (the full range; not all need to be live)

Are there multiple domains or subdomains in scope?

What is exposed on the perimeter?

Is cloud infrastructure included in scope?

How many servers are in scope? (workstations are sampled, not counted individually)

Does the environment use Active Directory, and how complex is it?

Is the network segmented, and is a CDE or regulated zone in scope?

Which platforms are in scope?

Does the app rely on a separate API or backend that also requires testing?

How many distinct user roles will be tested?

How would you describe the application's complexity?

Does the application communicate with external servers or services?

Does the application rely on a server-side or backend component that also needs testing?

Indicative ranges by service

Service | Indicative range
Web Application Testing | £2,700 to £8,000+
Website Security Testing | £750 to £2,400+
API Penetration Testing | £1,800 to £8,500+
External Network Testing | £1,800 to £9,000+
Internal Network Testing | £2,850 to £12,000+
Mobile Application Testing | £2,800 to £9,500+
Desktop Application Testing | £2,700 to £7,000+

All prices are indicative and exclude VAT. A fixed price is confirmed following a scoping call. Ranges align with our published pricing.

What drives the cost?

  • Scope size. The number of URLs, IP addresses, or API endpoints in scope is the primary driver. A larger scope requires more testing time.
  • Complexity and functionality. Multiple user roles, custom business logic, complex authentication, and unique workflows all require more depth and testing time than a straightforward scope.
  • Test type and methodology. Web application, network, mobile, and API testing each follow a different methodology. Black-box, grey-box, and white-box approaches also vary in setup and depth.
  • Compliance requirements. Testing scoped for PCI DSS, ISO 27001, or SOC 2 may require specific methodology, evidence collection, or reporting formats beyond a standard engagement.

About This Estimate

Estimator frequently asked questions

Common questions about how indicative costs are calculated and what they mean.

The ranges shown are indicative and drawn from real engagement data across typical scope sizes. They will put you in the right zone for budgeting purposes.

Your actual fixed price may be lower or higher depending on specific scope details, environment complexity, and any compliance requirements discussed during a scoping call. The purpose of this tool is to give you a realistic starting point, not a final number.

Penetration test costs vary because scopes vary. A web application with 15 URLs and one user role is a materially different engagement from one with 60 URLs and five distinct permission levels. The estimator adjusts the range based on your inputs, but some variability remains until we understand your full environment during a scoping conversation.

We deliberately show a range rather than a single figure because a single number would be misleading. If a provider gives you an instant fixed price without understanding your scope, that price will change.

This estimator gives you an indicative range based on a few inputs. A formal quote from Exploitr is a written, fixed-price proposal confirmed after a scoping call, which covers your specific environment, testing methodology, deliverables, and timeline.

There are no surprises with a formal quote: the price agreed is the price you pay, with no day-rate overruns if the engagement takes longer than expected.

We price based on the scope required to test your environment thoroughly, so we do not simply match competitor prices without understanding what is included in their proposal.

If you have a budget constraint or have received a significantly lower quote, let us know during the scoping call. We will be transparent about what is and is not possible within that budget, and we will not cut corners on coverage to win on price.

No. The indicative range is shown on the page as soon as you answer the scope questions. Email is optional and is only used if you want the estimate and a link to request a formal quote sent to your inbox.

Ready for a fixed-price quote?

Tell us about your environment and we’ll send a written, fixed-price proposal within one business day. No obligation, no day-rate surprises.