You will get A Web Application Penetration Test from an OSWE | OSCP | CEH

Bryan S.Status: Offline
Bryan S.

Let a pro handle the details

Buy Assessments & Penetration Testing services from Bryan, priced and ready to go.
Bryan S.Status: Offline
Bryan S.

Let a pro handle the details

Buy Assessments & Penetration Testing services from Bryan, priced and ready to go.

Project details

You will receive an expert web application penetration test from an experienced, industry-certified (OSWE, OSCP, CEH) ethical hacker, following OWASP Web Security Testing Guide standards. You will get a comprehensive view of the security posture of your web application from a penetration tester with proven knowledge in application security, exploit development, business communication, & pentesting methodology.

[STARTER]
- Black-box assessment
- 1 public-facing web application
- Automated scanning to identify common vulnerabilities
- Manual validation / no false positives
- Manually written, professional report with an executive summary, findings, and mitigations
- Up to 1hr support

[STANDARD]
- Everything in Starter
- Deeper scanning to identify complex vulnerabilities.
- Manual analysis to identify common authorization flaws
- Up to 2hr support

[ADVANCED]
- Everything in Standard
- Manual deep-dive analysis to identify complex vulnerabilities not detected by scanners, business logic issues, & authorization flaws
- API testing
- OSINT + Cloud hunting (AWS, Azure, GCP)
- Whitebox assessment, get better output by providing me documentation and/or source code
- Up to 4hr support
Cybersecurity Expertise
Audit, Cyber Threat Intelligence, Risk Assessment
Technology Type
Web Application
What's included
Service Tiers Starter
$750
Standard
$2,500
Advanced
$5,500
Delivery Time 3 days 5 days 7 days
Application Audit
Project Plan
-
-
Cost Estimation
-
-

Frequently asked questions

Bryan S.Status: Offline

About Bryan

Bryan S.Status: Offline
Senior Penetration Tester - OSWE | OSCP | CEH
Orion charter Township, United States - 8:29 am local time
Hello, I am a senior-level cybersecurity professional with 10 years of global enterprise experience. I am professionally trained in the field of penetration testing, with a specialty and personal interest in web applications. I currently work in industry while also performing freelance penetration testing on the side. In addition to penetration testing, I am professionally trained in incident response, digital & network forensics, and reverse engineering.

I do not spend much time on bug bounty's platforms though I have disclosed over 100+ major security findings to various companies in multiple industries ranging from retail, financial, real estate, manufacturing, transportation, marketing, and government.

Hacking is, and always will be my passion and I work and volunteer my time in the Michigan security community as part of the Michigan's Cyber Civilian Corps. Our group is called on to respond in any event of a governor-declared state of cyber emergency for the State of Michigan. I also attend and participate in local conferences such as #MISEC, #GrrCon, and #BsidesDetroit. Myself and a few colleagues also host custom CTF competitions under our group CTF313 which not only is the primary CTF at Bsides Detroit, but has also been a part of Car Hacking Village at Defcon. Lastly, I also enjoy OSINT and hold 2 Black Badges from GrrCon's OSINT Capture-the Flag competitions.

I hold many certifications shown below:

Certifications: Offensive Security Web Expert (OSWE), Offensive
Security Certified Professional (OSCP), Certified Ethical Hacker
"Master" (CEH), GIAC Network Forensic Analyst (GFNA), GIAC
Continuous Monitoring Certification (GMON)

Community: CTF313, Michigan Cyber Civilian Corps (MiC3), Car Hacking Village, #MISEC, Infraguard

Steps for completing your project

After purchasing the project, send requirements so Bryan can start the project.

Delivery time starts when Bryan receives requirements from you.

Bryan works on your project following the steps below.

Revisions may occur after the delivery date.

Scoping + Rules of Engagement

As with any penetration test, accurate scoping is required to ensure that the assessment falls in line with expectations. Confidentiality is guaranteed through non-disclosures as the nature of a pentest, and its deliverables are confidential.

Recon & Information Gathering

I will collect as much information as I can on the target, employing a myriad of OSINT (Open-Source Intelligence) tools and techniques.

Review the work, release payment, and leave feedback to Bryan.