pentestcostcalculator.com
Pen test scope

Mobile application pen test

iOS and Android app testing covering OWASP Mobile Top 10, certificate pinning, jailbreak / root detection, API back-end coupling.

Small
3-5d
£3,000-£7,500 UK
Medium
5-10d
£5,000-£15,000 UK
Large
10-15d
£10,000-£22,500 UK

Standards typically applied

OWASP Mobile Security Testing GuideOWASP MASTGOWASP Mobile Top 10

Considerations that move the day count

  • iOS + Android usually scoped separately — most engagements cover one platform unless explicitly dual
  • API back-end is almost always coupled — quoting mobile without API is rarely meaningful
  • Hardware-backed key storage (Secure Enclave / TEE) verification is sometimes scoped separately
Source

OWASP Mobile Application Security Testing Guide + Precursor Security 2026 scope ranges

Verified 2026-06-02
Other scopes
Web application pen test5-10dExternal infrastructure pen test4-8dInternal infrastructure pen test5-10dCloud configuration / pen test5-10dAPI pen test4-8dRed team engagement20-40d