You will get a professional LLM security test for Prompt injection & Jailbreaks
Top Rated

Top Rated

Project details
If you've shipped an AI chatbot or LLM feature, you've also opened a new way in for attackers, and most teams have never tested for it.
I find those gaps before someone with bad intentions does. I attack your AI the way a real adversary would: prompt injection that overrides its instructions, jailbreaks that slip past its guardrails, tricks that leak your hidden system prompt, and unsafe outputs that put your users or data at risk. Then I hand you a clear report: what I found, how I did it, how serious it is, and exactly how to fix it.
My work maps to the OWASP LLM Top 10 and is backed by 4+ years of hands-on penetration testing for clients across the US and UK. You can also watch how I work on my YouTube channel, Kiso Secure.
Every engagement runs only under written authorization and clearly defined rules of engagement. I test what we agree to test, document everything, and disclose responsibly.
I can't make AI risk-free, no one honestly can. But I can make sure yours is deployed securely. That's what trustworthy looks like.
I find those gaps before someone with bad intentions does. I attack your AI the way a real adversary would: prompt injection that overrides its instructions, jailbreaks that slip past its guardrails, tricks that leak your hidden system prompt, and unsafe outputs that put your users or data at risk. Then I hand you a clear report: what I found, how I did it, how serious it is, and exactly how to fix it.
My work maps to the OWASP LLM Top 10 and is backed by 4+ years of hands-on penetration testing for clients across the US and UK. You can also watch how I work on my YouTube channel, Kiso Secure.
Every engagement runs only under written authorization and clearly defined rules of engagement. I test what we agree to test, document everything, and disclose responsibly.
I can't make AI risk-free, no one honestly can. But I can make sure yours is deployed securely. That's what trustworthy looks like.
Cybersecurity Assessment Type
Vulnerability AssessmentCybersecurity Expertise
AI Compliance, AI Governance, Data ProtectionTechnology Type
Data Center, Database, Web ApplicationCybersecurity Regulation
GDPRWhat's included
| Service Tiers |
Starter
$499
|
Standard
$1,299
|
Advanced
$1,999
|
|---|---|---|---|
| Delivery Time | 4 days | 10 days | 15 days |
Application Audit | - | - | - |
Project Plan | - | - | - |
Cost Estimation | - | - | - |
Optional add-ons
You can add these on the next page.
Retest After Fixes
(+ 3 Days)
+$250
Extra LLM Feature
(+ 3 Days)
+$500
RAG Security Deep Dive
(+ 7 Days)
+$750Frequently asked questions
70 reviews
(57)
(10)
(1)
(1)
(1)
This project doesn't have any reviews.
AC
Adrian C.
Mar 19, 2026
You will get a Press-ready Release with Distribution support and SEO visibility
MA
Mohamed A.
Dec 3, 2025
Cyber Security Assessment for Windfarm
PB
Patrick B.
Nov 13, 2025
Press Release Distribution and Article Writing
Excellent man. Hard working, great idea man. Problem solver. Very pleaed
JD
Jaha D.
Apr 16, 2025
Cyber analysis for myself
BB
Brittany B.
Jan 7, 2025
iPhone & macOS question
Incredibly knowledgable in his field! Thank you for your help.
About Stephen
Cybersecurity | Digital Forensics | AI Security | OSINT
100%
Job Success
Nairobi, Kenya - 12:33 am local time
1. 🤖 AI Security
I assess LLMs, RAG pipelines, AI agents, model integrations, and AI-enabled applications through authorized adversarial testing to uncover exploitable weaknesses before they are abused in production.
Core Services:
• AI reconnaissance and attack surface mapping
• AI vulnerability scanning and fuzzing
• Prompt injection, jailbreaking, prompt chaining, and guardrail bypass assessments
• Agentic AI, model-to-model, and orchestration workflow attack simulations
• AI infrastructure, plugin, API, and supply-chain security reviews
• AI security testing, hardening validation, and AI incident response support
Requirements:
• Written authorization with defined AI testing scope
• Approved access boundaries for prompts, APIs, models, agents, vector stores, and training/inference environments
• Clear legal and operational approval for any adversarial AI assessment
2. 🧨 Red Teaming
I simulate real-world adversary behaviour to identify critical weaknesses and strengthen security across corporate and private environments.
Core Services:
• Advanced phishing simulations and payload delivery
• Internal and external network penetration testing
• Wireless security testing (rogue APs, WPS, WPA/WPA2 weaknesses)
Requirements:
• Written authorization with clearly defined rules of engagement
• Verified ownership or documented authorization over targeted assets
3. 🛡 DFIR – Digital Forensics & Incident Response
I provide responses to cyber incidents, ensuring containment, investigation, and recovery across enterprise systems.
Core Services:
• Compromise assessment and root cause analysis
• Timeline creation and attack vector tracing
• Disk and memory acquisition (live and dead systems)
• File integrity and log analysis
• Lateral movement and persistence detection
• Forensic reporting aligned with legal and evidentiary standards
4. 🐞 Malware Analysis & Threat Research
I reverse engineer and dissect malware samples to uncover behaviour, persistence mechanisms, and threat actor infrastructure.
Core Services:
• Static and dynamic analysis of binaries and scripts
• Payload unpacking, sandbox execution, and API behaviour monitoring
• C2 tracking, backdoor analysis, and exploit identification
• YARA rule creation and IOC development
Tools:
• FLARE VM, REMnux, Cuckoo Sandbox, IDA Pro, Ghidra, x64dbg, PEStudio
5. 📱 Data Recovery & Mobile Forensics
I recover deleted, hidden, or encrypted data from mobile devices and digital storage media.
Supported Sources:
• Android and iOS devices
• SD cards, USB drives, and hard drives
• Messaging platforms such as WhatsApp, Telegram, Signal, and Messenger
Core Services:
• Deleted chat and message recovery
• Recovery of photos, videos, and documents from local storage or cloud sync sources
• Mobile backup decryption and analysis (iTunes, Google Drive, iCloud)
• Forensic imaging and mobile analysis reporting
Tools:
• Cellebrite UFED, Magnet AXIOM Cyber, FTK
6. 🌐 Network Security
I design, deploy, and monitor defensive infrastructure to strengthen visibility, segmentation, and response capability.
Core Services:
• pfSense firewall deployment and network segmentation
• IDS/IPS implementation with Snort and Suricata
• SIEM implementation with Wazuh and Splunk
• VPN deployment and secure remote access
• Proxy-based content filtering and monitoring
7. 🌑 Dark Web & OSINT Cyber Threat Intelligence
I specialize in underground threat intelligence and OSINT-driven profiling to uncover fraud, leaks, and threat actor activity across the surface, deep, and dark web.
Core Services:
• Dark web marketplace and threat actor monitoring
• Tracking aliases, infrastructure, and toolkit usage
• Company OSINT investigations and employee attack surface mapping
• Data breach hunting for leaked emails, credentials, and sensitive records
• Fraud profiling involving impersonation, cybercrime campaigns, and financial scams
Tools:
• Recon-ng, SpiderFoot, Maltego, Shodan, Intelligence X, OnionScan, Ahmia, Tor2Web mirrors, Hunchly
8. ✍️ Cybersecurity Writing
I provide fluent, technically accurate writing in both British and American English for security, forensic, and research audiences.
Writing Areas:
• Technical writing
• eBooks and blog content
• Articles
Steps for completing your project
After purchasing the project, send requirements so Stephen can start the project.
Delivery time starts when Stephen receives requirements from you.
Stephen works on your project following the steps below.
Revisions may occur after the delivery date.
Kickoff & authorizationKickoff & authorization
Confirm scope, access type (black/grey/white-box), written authorization, rules of engagement, and success criteria.
Recon & threat modeling
Map the LLM feature's inputs, system prompts, tools, and trust boundaries; identify the highest-risk attack paths.