You will get SAST / Secure Source Code Review / Vulnerability Scan with a report

Harshit S.
5.0
Top Rated


What's included $500

Secure Code Review

I'll scan for all the vulnerabilities within the source code.

  • Delivery Time: 5 days
  • Small Company Size
  • Medium Company Size
  • Large Company Size

5 days delivery — May 23, 2024
Revisions may occur after this date.
Upwork Payment Protection
Fund the project upfront. Harshit gets paid once you are satisfied with the work.

Project details

You will get a comprehensive assessment report of the secure code review. I will find each and every vulnerability or security issue within the source code. For each vulnerability, the report will provide the description, the location where it occurs, its remediation, and its severity.
Cybersecurity Expertise: Data Protection, Audit, Risk Assessment
Cybersecurity Regulation: CMMC, GDPR, ISO, PCI DSS, SOC 2
Optional add-ons
  • Fast 2 Days Delivery: +$200
5.0
7 reviews
Rating breakdown
  • Availability: 5.0
  • Deadlines: 5.0
  • Skills: 5.0
  • Quality: 5.0
  • Cooperation: 5.0
  • Communication: 5.0

Mohamed I.
5.00
Nov 10, 2023
Conduct penetration testing for websites, APIs and infrastructure.
Once again, great work by Harshit. Very detailed in all his work and findings!

Linawaty L.
5.00
Nov 9, 2023
Pen Test Corporate Site and Online Shop Site
This is our second time engaging Harshit for pentesting. We're satisfied with the service and the report provided. The timeline is accurate, according to what was promised. We sincerely recommend Harshit for your pentesting needs.

Linawaty L.
5.00
Nov 7, 2022
Pen Test a Redemption Site
Harshit ticked all the checks for a great freelancer for our project to pentest a webapp. He completed the project and went beyond :)
He completed the project on time (1 day earlier to be precise).
He's contactable at all times, even on weekends and off office hours when I didn't expect a reply till the next working day.
The quality of the report is as promised and the advice he gave is actionable. My developer managed to fix all the vulnerabilities based on his feedback.
We would gladly engage him for similar projects in the future and we won't hesitate to recommend him for similar projects to anyone.
Thank you.

Tyrone D.
5.00
Oct 4, 2022
Burpsuite Penetration Testing

Ravi S.
5.00
Sep 9, 2022
Secure Development Life Cycle Document
Excellent service. Super quick turnaround and very pleasant to work with.

About Harshit

Harshit S.
OSCP, CREST CPSA & CRT | Penetration Tester, VAPT, Security Consultant
100% Job Success
5.0  (7 reviews)
Noida, India
Services Offered:
Ethical Hacking, Vulnerability Assessment & Penetration Testing, DevSecOps, Web Application Security, API Security, Android & iOS Mobile Application Security, Network Security, Desktop Application Security, Cloud Security Audits and Penetration Testing, Thick Client App Security, Secure Code Review, Container Security, IoT/Hardware Security, Blockchain or Smart Contract Security Audit, Security Configuration Review - Firewall, Switches, Router, OS and Server, etc.

I am a Certified Cyber Security Expert/Professional and Security Engineer. I have more than 3 years of corporate experience in vulnerability assessment & penetration testing of Web Application, API, Android & iOS Mobile Application, Network, Desktop Application, Cloud Security Audits and Penetration Testing, Thick Client App Security, Secure Code Review, DevSecOps, Container Security, IoT/Hardware Security, Blockchain/Smart Contract Security Audit, Security Configuration Review - Firewall, Switches, Router, OS and Server, etc. I follow a systematic approach and best industry methodologies such as the OWASP Testing Guide v4 (OTGv4), SANS Top 25, and NIST SP 800-115. I help to identify and mitigate the threats and vulnerabilities in systems and software with my skills.

I provide the following services:

✅ Penetration Testing Engagement ✅
This includes both thorough manual testing of all functionalities and automated testing for all websites, applications, servers or infrastructure included in the scope of work, using both professional enterprise-grade software such as Burp Suite Professional and Nessus and also personal scripts and tools gathered over past engagements. This service also extends to internal penetration tests and network infrastructure testing.

✅ Professional Report & Statistics ✅
Detailed report explaining step-by-step the exploitation and discovery method of each and every vulnerability discovered. Proof-of-Concept screen captures, full requests and responses, CVSS v3.0 standardised risk score, impact and ownership included.

✅ Remediation Advice & Guidance ✅
Remediation advice regarding all security issues discovered, how to fix them and warnings associated with the impact and risk of these vulnerabilities.

✅ Asset Discovery ✅
Through both active and passive methods, I can help you assess how big your digital footprint is on the internet and what attack surface is visible from an outsider threat perspective. This includes subdomain enumeration and service/port discovery.

✅ Free Checkup ✅
Included in the price will be a checkup/retest of all aforementioned vulnerabilities present in the report in order to ensure that the implemented security controls and/or fixes are working as intended and that there is no other way to bypass them or exploit that vulnerability any longer.

Technical Skills:
- Vulnerability Assessment & Penetration Testing
- Web Application VAPT
- API VAPT
- Android & iOS Mobile Application VAPT
- Network VAPT
- AWS/ Azure/ GCP/ DigitalOcean Cloud Security Audit and Penetration Testing
- Microsoft Office 365 Security Audit or Configuration Review
- Thick Client or Desktop Application VAPT
- Active Directory Security
- DevSecOps
- Container Security
- VoIP Penetration Testing/ Security Testing
- IoT/Hardware Security Testing
- Smart Contract Security Audit
- Threat Modeling
- Threat Intelligence
- Open Source Intelligence
- Security Configuration Review - Firewall, Switches, Router, Operating Systems and Servers

Certifications Achieved:
- CREST Practitioner Security Analyst (CPSA)
- CREST Registered Penetration Tester (CRT)
- Offensive Security Certified Professional (OSCP)
- (ISC)² Certified in Cybersecurity
- Information Security Certified Professional (ISCP)
- Cyber Security Foundation Professional Certificate (CSFPC)
- Certified AppSec Practitioner (CAP)

Achievements:
I got an Appreciation Certificate from NCIIPC (Indian Government) for submitting a few security issues. I attended private bug bounty programs organised by CCTNS (Crime and Criminal Tracking Network and Systems - Indian Government) and Bharti Airtel.
I helped to secure some companies such as Dell, DigitalOcean, StatusPage, Caviar, Western Union, UnderArmour, Arlo Cash Rewards, Kenna Security, Pantheon, Mailgun, Seek, Skyscanner, Fitbit, Overstock and more.

Steps for completing your project

After purchasing the project, send requirements so Harshit can start the project.

Delivery time starts when Harshit receives requirements from you.

Harshit works on your project following the steps below.

Revisions may occur after the delivery date.

1. Get the source code from the client

The client provides the source code of the application for secure code review.

2. Automated Scan

I will use automated scanners such as Checkmarx, SonarQube, Horusec, and others to find vulnerabilities within the source code.

Review the work, release payment, and leave feedback to Harshit.