You will get a professional penetration testing following output OWASP report
Top Rated

Top Rated

Project details
With your consent, I will conduct a penetration test of your website and APIs, simulating real-world attacks to identify security weaknesses. The assessment will strictly follow the OWASP security framework and industry best practices. Most of the testing will be performed manually to ensure accurate validation of vulnerabilities beyond automated results. All web and API components will be reviewed against relevant OWASP checks.
At the end of the project, you will receive a detailed penetration testing report that includes an overall security assessment, clear vulnerability descriptions, proof of concept (PoC), and practical remediation recommendations.
The Starter package includes only automated scans using commercial tools, and the report is automatically generated by those tools without manual analysis.
At the end of the project, you will receive a detailed penetration testing report that includes an overall security assessment, clear vulnerability descriptions, proof of concept (PoC), and practical remediation recommendations.
The Starter package includes only automated scans using commercial tools, and the report is automatically generated by those tools without manual analysis.
Cybersecurity Assessment Type
Penetration TestingCybersecurity Expertise
Data Protection, Audit, Risk AssessmentTechnology Type
Firewall, IaaS, Computer Network, Data Center, Database, Operating System, SaaS, Web Application, CRM, Email System, ERP, Mobile DeviceCybersecurity Regulation
ISO, HIPAA, NIST Cybersecurity Framework, PCI DSS, SOC 2What's included
| Service Tiers |
Starter
$250
|
Standard
$800
|
Advanced
$950
|
|---|---|---|---|
| Delivery Time | 3 days | 5 days | 8 days |
Application Audit | |||
Project Plan | |||
Cost Estimation | - |
Frequently asked questions
443 reviews
(438)
(5)
(0)
(0)
(0)
JN
John N.
Nov 20, 2025
Requested a penetration test for our WebApp. Florjan was very quick to reply to scoping questions, was very quick to deliver the requested work and responsive to a follow-on question. Wouldn't hesitate to work with him again.
DI
David I.
Jul 9, 2025
Florjan was a pleasure to work with. His communication was excellent and he completed the project ahead of schedule.
WL
Wendi L.
May 26, 2025
WL
Wendi L.
Mar 14, 2025
Excellent work as always.
NS
Nadia S.
Feb 12, 2025
Great experience working with Florjan! Very well done job and great assisstance!
ML
Mark L.
Jul 2, 2026
Security audit for 2 web and mobile features
Another successful project with Florjan. Excellent work, would definitely recommend.
GK
G K.
Jun 30, 2026
Website Security Test
EK
Edmond K.
Jun 28, 2026
Authenticated Vulnerability Scan + VAPT Validation (HECVAT Requirement)
VK
Vasily K.
Jun 27, 2026
Penetration Test & Report for Infrastructure Automation Platform
Good work Florjan, thank you
KT
Kent T.
Jun 23, 2026
Web App Security Tester (PenTest)
Florjan has been a trusted security partner for us over the past few years. He consistently delivers high-quality work on time, communicates clearly, and is always responsive throughout the engagement. He is helpful, collaborative, and willing to go the extra mile to ensure a successful outcome. We recently engaged him for a penetration test, and once again he delivered excellent results. I would highly recommend Florjan to anyone looking for a reliable and professional security consultant.
About Florjan
Penetration Tester | OSCP+ CEH | Web, API & Mobile Security
100%
Job Success
Tirana, Albania - 11:57 pm local time
Over the last years, I have completed more than 600 penetration tests and security assessments for clients across finance, SaaS, healthcare, e-commerce, and enterprise environments. My main focus is helping companies identify real security risks before attackers do, with clear evidence, practical remediation guidance, and professional reports suitable for compliance, audit, and internal security teams.
Core services I provide:
• Web Application Penetration Testing
• API Security Testing
• Mobile Application Penetration Testing for Android and iOS
• SOC 2, ISO 27001, PCI DSS, AMAZON SP and Compliance-Oriented Penetration Test Reports
• OWASP Top 10 Security Testing
• OWASP WSTG-Based Assessments
• Vulnerability Assessment and Security Hardening
• Retesting and Remediation Validation
I perform Black Box, Gray Box, and White Box penetration testing depending on the client’s needs. My reports are structured, professional, and easy to understand by both technical teams and management. Each finding includes clear evidence, risk rating, business impact, CVSS scoring where applicable, and actionable remediation steps.
Clients usually hire me when they need:
• A professional penetration test before a product launch
• A security report for SOC 2, ISO 27001, PCI DSS, AMAZON SP vendor review, or investor due diligence
• Web, API, or mobile app testing by an experienced OSCP-certified tester
• A practical security assessment focused on real exploitability, not only scanner output
• Fast communication, clear reporting, and reliable retesting after fixes
My goal is not only to find vulnerabilities, but to help your team understand, prioritize, and fix them properly.
Sample penetration testing reports can be provided upon request.
Steps for completing your project
After purchasing the project, send requirements so Florjan can start the project.
Delivery time starts when Florjan receives requirements from you.
Florjan works on your project following the steps below.
Revisions may occur after the delivery date.
Information Gathering
Searching for sensitive information that can be found and left by mistake. The organization being tested will provide the penetration tester with general information about in-scope targets
Check for Vulnerable Libraries
This check if the developer is using any potential vulnerable library that can help us to Exploit application latter.