You will get Security Audit & Penetration Test for Custom GPTs & LLM Agents
Top Rated

Top Rated

Project details
Is your AI Agent leaking sensitive data? Companies are rushing to build Custom GPTs and AI Agents, but most are vulnerable to "Prompt Injection", a technique where attackers trick the AI into ignoring its rules.
As an OSCP & CREST Certified Penetration Tester with specialized research in GenAI security, I will attempt to "break" your AI before a real hacker does.
What I Will Test (OWASP Top 10 for LLMs):
• Prompt Injection & Jailbreaking
• System Prompt Extraction
• RAG Data Leakage
• Action/API Exploitation
What You Get:
• Manual Testing: I don't just use automated tools; I use creative, logic-based "Red Teaming" attacks tailored to your specific bot.
• Vulnerability Report: A clear PDF showing exactly how I broke the model (Screenshots & Logs).
• Remediation Guide: Exact instructions on how to update your System Prompt or Guardrails to prevent these attacks.
Why Me?
• OSCP & CREST Certified.
• Acknowledged by the Indian Government (NCIIPC) for security research.
• Proven track record securing apps for Dell, Western Union, and DigitalOcean.
Don't let your AI be a liability. Order a security audit today.
As an OSCP & CREST Certified Penetration Tester with specialized research in GenAI security, I will attempt to "break" your AI before a real hacker does.
What I Will Test (OWASP Top 10 for LLMs):
• Prompt Injection & Jailbreaking
• System Prompt Extraction
• RAG Data Leakage
• Action/API Exploitation
What You Get:
• Manual Testing: I don't just use automated tools; I use creative, logic-based "Red Teaming" attacks tailored to your specific bot.
• Vulnerability Report: A clear PDF showing exactly how I broke the model (Screenshots & Logs).
• Remediation Guide: Exact instructions on how to update your System Prompt or Guardrails to prevent these attacks.
Why Me?
• OSCP & CREST Certified.
• Acknowledged by the Indian Government (NCIIPC) for security research.
• Proven track record securing apps for Dell, Western Union, and DigitalOcean.
Don't let your AI be a liability. Order a security audit today.
Cybersecurity Assessment Type
Red Team AssessmentCybersecurity Expertise
AI Compliance, AI Governance, Data ProtectionTechnology Type
Web ApplicationCybersecurity Regulation
GDPR, ISO, NIST Cybersecurity Framework, PCI DSS, SOC 2What's included
| Service Tiers |
Starter
$400
|
Standard
$800
|
Advanced
$1,200
|
|---|---|---|---|
| Delivery Time | 3 days | 6 days | 10 days |
Application Audit | |||
Project Plan | - | - | - |
Cost Estimation | - | - | - |
12 reviews
(12)
(0)
(0)
(0)
(0)
This project doesn't have any reviews.
LH
Lee H.
Jul 10, 2025
Database Assessment Security Review
4th time engaging with Harshit and this time is database assessment security review.
Clear instructions and straight to the point with the Pre-requisites messages required for this assessment.
Team member is able to provide the necessary pre-reqs items without any hiccup, and Harshit will execute accordingly
Clear instructions and straight to the point with the Pre-requisites messages required for this assessment.
Team member is able to provide the necessary pre-reqs items without any hiccup, and Harshit will execute accordingly
LH
Lee H.
Jun 25, 2025
Secure Source Code Review
Engaged Harshit for the third time (this time is Source Code Review), and onceagain delivered on time with high quality work that fully met the expectations.
Harshit's findings were thorough, and the proposed solutions were clearly detailed and actionable
Thank you once again Harshit!
Harshit's findings were thorough, and the proposed solutions were clearly detailed and actionable
Thank you once again Harshit!
LH
Lee H.
Jun 25, 2025
VAPT for 3 applications
Engaged for VAPT and delivered on time with quality!
LH
Lee H.
May 3, 2025
You will get Vulnerability Assessment & Penetration Testing/ Advanced VAPT with a report
Responsive and communicate well
LL
Linawaty L.
Nov 29, 2024
Pen Test a Redemption Site 2024
I would like to again commend on the excellent work of Harshit. This is the 3rd time we're engaging his service and we're happy with the quality, speed and delivery. That's the reason why we keep coming back to him. I would recommend him highly for those that require penetration testing for their website. Thank you very much , Harshit :)
About Harshit
OSCP & CREST Certified Pentester | Web, Cloud, AI & Mobile Security
100%
Job Success
Noida, India - 3:26 am local time
I am an OSCP and CREST Registered Penetration Tester with 6+ years of experience. I don't just run automated scanners that miss critical flaws, I use a systematic, manual approach (OWASP, NIST) to think like a hacker and find vulnerabilities before malicious actors do.
🛡️ Why Clients Trust Me:
- Elite Certifications: OSCP, CREST (CRT & CPSA), ISO 27001 Lead Auditor, and (ISC)².
- Manual Intelligence: I go beyond automated tools. I perform deep logic-based testing to find complex vulnerabilities in Business Logic, API endpoints, and Smart Contracts.
- Clear Reporting: You receive a detailed report with Proof-of-Concept (PoC) screen captures, CVSS v4.0 risk scoring, and actionable remediation steps, not just technical jargon.
🛠️ My Security Services:
1. Web & Mobile Application Security (VAPT)
- Comprehensive testing for Web Apps, APIs, and Thick Clients.
- iOS & Android Security (Static & Dynamic Analysis).
2. Source Code Review & DevSecOps integration.
3. Cloud & Infrastructure Security
- AWS, Azure, GCP, and DigitalOcean configuration audits.
- Network VAPT, Container Security (Docker/K8s), and Firewall/Router hardening.
- Active Directory & Windows/Linux Server hardening.
4. Emerging Tech Security (AI & Blockchain)
- AI/LLM Security: Testing GenAI and Agentic AI models for prompt injection and jailbreaks.
- Blockchain: Smart Contract auditing and IoT/Hardware security.
✅ My 4-Step Engagement Process:
- Reconnaissance & Scanning: Using BurpSuite Pro, Nessus, custom scripts and other standard tools.
- Manual Exploitation: Verifying false positives and exploiting complex flaws.
- Reporting: Delivering a professional report with a management summary and technical fix guide.
- FREE Retest: I will verify your fixes at no extra cost to ensure the holes are truly plugged.
🏆 Notable Achievements:
- Acknowledged by NCIIPC (Government of India) for critical security submissions.
- Secured platforms for: Fitbit, Skyscanner, UnderArmour, Mailgun, and Bharti Airtel.
🛠️ Technical Skills:
- Vulnerability Assessment & Penetration Testing
- Web Application VAPT
- API VAPT
- AI/Gen AI/Agentic AI Security Testing
- Android & iOS Mobile ApplicationVAPT
- Network VAPT
- AWS/ Azure/ GCP/ DigitalOcean Cloud Security Audit and Penetration Testing
- Microsoft Office 365 Security Audit or Configuration Review
- Thick Client or Desktop Application VAPT
- Active Directory Security
- DevSecOps
- Container Security
- VoIP Penetration Testing/ Security Testing
- IoT/Hardware Security Testing
- Smart Contract Security Audit
- Threat Modeling
- Threat Intelligence
- Open Source Intelligence
- Security Configuration Review - Firewall, Switches, Router, Operating Systems and Servers
Contact me to discuss your scope. Let’s secure your assets today.
Steps for completing your project
After purchasing the project, send requirements so Harshit can start the project.
Delivery time starts when Harshit receives requirements from you.
Harshit works on your project following the steps below.
Revisions may occur after the delivery date.
Requirement Gathering
Estimation