You will get A Web Application Penetration Test from an OSWE | OSCP | CEH


Project details
You will receive an expert web application penetration test from an experienced, industry-certified (OSWE, OSCP, CEH) ethical hacker, following OWASP Web Security Testing Guide standards. You will get a comprehensive view of the security posture of your web application from a penetration tester with proven knowledge in application security, exploit development, business communication, & pentesting methodology.
[STARTER]
- Black-box assessment
- 1 public-facing web application
- Automated scanning to identify common vulnerabilities
- Manual validation / no false positives
- Manually written, professional report with an executive summary, findings, and mitigations
- Up to 1hr support
[STANDARD]
- Everything in Starter
- Deeper scanning to identify complex vulnerabilities.
- Manual analysis to identify common authorization flaws
- Up to 2hr support
[ADVANCED]
- Everything in Standard
- Manual deep-dive analysis to identify complex vulnerabilities not detected by scanners, business logic issues, & authorization flaws
- API testing
- OSINT + Cloud hunting (AWS, Azure, GCP)
- Whitebox assessment, get better output by providing me documentation and/or source code
- Up to 4hr support
[STARTER]
- Black-box assessment
- 1 public-facing web application
- Automated scanning to identify common vulnerabilities
- Manual validation / no false positives
- Manually written, professional report with an executive summary, findings, and mitigations
- Up to 1hr support
[STANDARD]
- Everything in Starter
- Deeper scanning to identify complex vulnerabilities.
- Manual analysis to identify common authorization flaws
- Up to 2hr support
[ADVANCED]
- Everything in Standard
- Manual deep-dive analysis to identify complex vulnerabilities not detected by scanners, business logic issues, & authorization flaws
- API testing
- OSINT + Cloud hunting (AWS, Azure, GCP)
- Whitebox assessment, get better output by providing me documentation and/or source code
- Up to 4hr support
Cybersecurity Expertise
Audit, Cyber Threat Intelligence, Risk AssessmentTechnology Type
Web ApplicationWhat's included
| Service Tiers |
Starter
$750
|
Standard
$2,500
|
Advanced
$5,500
|
|---|---|---|---|
| Delivery Time | 3 days | 5 days | 7 days |
Application Audit | |||
Project Plan | - | - | |
Cost Estimation | - | - |
Frequently asked questions
About Bryan
Senior Penetration Tester - OSWE | OSCP | CEH
Orion charter Township, United States - 8:29 am local time
I do not spend much time on bug bounty's platforms though I have disclosed over 100+ major security findings to various companies in multiple industries ranging from retail, financial, real estate, manufacturing, transportation, marketing, and government.
Hacking is, and always will be my passion and I work and volunteer my time in the Michigan security community as part of the Michigan's Cyber Civilian Corps. Our group is called on to respond in any event of a governor-declared state of cyber emergency for the State of Michigan. I also attend and participate in local conferences such as #MISEC, #GrrCon, and #BsidesDetroit. Myself and a few colleagues also host custom CTF competitions under our group CTF313 which not only is the primary CTF at Bsides Detroit, but has also been a part of Car Hacking Village at Defcon. Lastly, I also enjoy OSINT and hold 2 Black Badges from GrrCon's OSINT Capture-the Flag competitions.
I hold many certifications shown below:
Certifications: Offensive Security Web Expert (OSWE), Offensive
Security Certified Professional (OSCP), Certified Ethical Hacker
"Master" (CEH), GIAC Network Forensic Analyst (GFNA), GIAC
Continuous Monitoring Certification (GMON)
Community: CTF313, Michigan Cyber Civilian Corps (MiC3), Car Hacking Village, #MISEC, Infraguard
Steps for completing your project
After purchasing the project, send requirements so Bryan can start the project.
Delivery time starts when Bryan receives requirements from you.
Bryan works on your project following the steps below.
Revisions may occur after the delivery date.
Scoping + Rules of Engagement
As with any penetration test, accurate scoping is required to ensure that the assessment falls in line with expectations. Confidentiality is guaranteed through non-disclosures as the nature of a pentest, and its deliverables are confidential.
Recon & Information Gathering
I will collect as much information as I can on the target, employing a myriad of OSINT (Open-Source Intelligence) tools and techniques.




