You will get DAST / Web Application Penetration Testing with Detailed Report
Top Rated
You will get DAST / Web Application Penetration Testing with Detailed Report
Top Rated
Project details
I follow systematic approach and best industry methodology like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115; PCI DSS etc to perform penetration testing.
I am a Penetration Tester and an OSCP Professional Security Researcher having 3 years of hands-on experience in Vulnerability Assessment & Penetration Testing that includes Web App, API, Mobile App - Android & iOS, Network, Cloud Security Audits and Penetration Testing, Desktop/Thick client Application, Container Security, Security Configuration Review - Firewall, Switches, Router, OS and Server. I also helped to secure top 500 fortune organisations.
As a result of my previous engagements in vulnerability assessment & penetration testing and bug hunting, I excel at:
- Performing professional penetration testing, vulnerability management, and consultation.
- Preventing unauthorized access, and evaluating potential security risks.
- Creating high-quality Management and Technical reports.
I am a Penetration Tester and an OSCP Professional Security Researcher having 3 years of hands-on experience in Vulnerability Assessment & Penetration Testing that includes Web App, API, Mobile App - Android & iOS, Network, Cloud Security Audits and Penetration Testing, Desktop/Thick client Application, Container Security, Security Configuration Review - Firewall, Switches, Router, OS and Server. I also helped to secure top 500 fortune organisations.
As a result of my previous engagements in vulnerability assessment & penetration testing and bug hunting, I excel at:
- Performing professional penetration testing, vulnerability management, and consultation.
- Preventing unauthorized access, and evaluating potential security risks.
- Creating high-quality Management and Technical reports.
Cybersecurity Assessment Type
Penetration TestingCybersecurity Expertise
Data Protection, Audit, Risk AssessmentTechnology Type
Firewall, IaaS, Computer Network, Data Center, Database, Operating System, SaaS, Web Application, CRM, ERP, PaaSCybersecurity Regulation
CMMC, ISO, NIST Cybersecurity Framework, PCI DSS, SOC 2What's included
| Service Tiers |
Starter
$500
|
Standard
$1,200
|
Advanced
$1,500
|
|---|---|---|---|
| Delivery Time | 3 days | 7 days | 14 days |
Application Audit | |||
Project Plan | - | - | - |
Cost Estimation | - | - | - |
Optional add-ons
You can add these on the next page.
Fast Delivery
+$100 - $200
9 reviews
(9)
(0)
(0)
(0)
(0)
This project doesn't have any reviews.
LH
Lee H.
May 3, 2025
You will get Vulnerability Assessment & Penetration Testing/ Advanced VAPT with a report
Responsive and communicate well
LL
Linawaty L.
Nov 29, 2024
Pen Test a Redemption Site 2024
I would like to again commend on the excellent work of Harshit. This is the 3rd time we're engaging his service and we're happy with the quality, speed and delivery. That's the reason why we keep coming back to him. I would recommend him highly for those that require penetration testing for their website. Thank you very much , Harshit :)
LL
Linawaty L.
Nov 2, 2023
Pen Test Corporate Site and Online Shop Site
This is our second time engaging Harshit for pentesting. We're satisfied with the service and the report provided. The timeline is accurate, according to what was promised. We sincerely recommend Harshit for your pentesting need.
MI
Mohamed I.
Nov 2, 2023
Conduct penetration testing for websites, APIs and infrastructure.
Once again, great work by Harshit. Very detailed in all his work and findings!
LL
Linawaty L.
Nov 7, 2022
Pen Test a Redemption Site
Harshit ticked all the check for a great freelancer for our project to pentest a webapp. He completed the project and went beyond :)
He completed the project on time (1 day earlier to be precise).
He's contactable at all times, even on weekend and off office hour when I didn't expect reply till next working day.
The quality of report is as promised and the advise he gave is actionable. My developer managed to fixed all the vulnerabilities based on his feedback.
We would gladly engage him for similar project in the future and we won't hesitate to recommend him for similar project to anyone.
Thank you.
He completed the project on time (1 day earlier to be precise).
He's contactable at all times, even on weekend and off office hour when I didn't expect reply till next working day.
The quality of report is as promised and the advise he gave is actionable. My developer managed to fixed all the vulnerabilities based on his feedback.
We would gladly engage him for similar project in the future and we won't hesitate to recommend him for similar project to anyone.
Thank you.
About Harshit
OSCP, CREST CPSA & CRT | Penetration Tester, VAPT, Security Consultant
100%
Job Success
Noida, India - 5:00 am local time
Ethical Hacking, Vulnerability Assessment & Penetration Testing, DevSecOps, Web Application Security, API Security, Android & iOS Mobile application Security, Network Security, Desktop Application Security, Cloud Security Audits and Penetration Testing, Thick Client App Security, Secure Code Review, DevSecOps, Container Security, IoT/Hardware Security, Blockchain or Smart Contract Security Audit, Security Configuration Review - Firewall, Switches, Router, OS and Server, etc.
I am a Certified Cyber Security Expert/Professional and Security Engineer. I have more than 5 years of corporate experience in vulnerability assessment & penetration testing of Web Application, API, Android & iOS Mobile application, Network, Desktop Application, Cloud Security Audits and Penetration Testing, Thick Client App Security, Secure Code Review, DevSecOps, Container Security, IoT/Hardware Security, Blockchain/Smart Contract Security Audit, Security Configuration Review - Firewall, Switches, Router, OS and Server, etc. Follow systematic approach and best industry methodology like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115. I help to identify and mitigate the threats and vulnerabilities in systems and softwares with my skills
I provide the following services:
✅ Penetration Testing Engagement ✅
This includes both thorough manual testing of all functionalities and automated testing for all websites, applications, servers or infrastructure included in the scope of work, using both professional enterprise grade software such as BurpSuite Professional and Nessus and also personal scripts and tools gathered over past engagements. This services extends as well to internal penetration tests and network infrastructure testing as well.
✅ Professional Report & Statistics ✅
Detailed report explaining step-by-step the exploitation and discovery method of each and every vulnerability discovered. Proof-of-Concept screen captures, full requests and responses, CVSS v3.0 standardised risk score, impact and ownership included.
✅ Remediation Advice & Guidance ✅
Remediation advice regarding all security issues discovered, how to fix them and warnings associated with the impact and risk of these vulnerabilities.
✅ Asset Discovery ✅
Through both active and passive methods, I can help you asses how big your digital footprint is on the internet and what is the attack platform visible from an outsider threat perspective. This includes subdomain enumeration and service/port discovery.
✅ Free Checkup ✅
Included in the price will be a checkup/retest of all aforementioned vulnerabilities present in the report in order to ensure that the implemented security controls and/or fixes are working as intended and that there is no other way to bypass them or exploit that vulnerability any longer.
Technical Skills:
- Vulnerability Assessment & Penetration Testing
- Web Application VAPT
- API VAPT
- Android & iOS Mobile ApplicationVAPT
- Network VAPT
- AWS/ Azure/ GCP/ DigitalOcean Cloud Security Audit and Penetration Testing
- Microsoft Office 365 Security Audit or Configuration Review
- Thick Client or Desktop Application VAPT
- Active Directory Security
- DevSecOps
- Container Security
- VoIP Penetration Testing/ Security Testing
- IoT/Hardware Security Testing
- Smart Contract Security Audit
- Threat Modeling
- Threat Intelligence
- Open Source Intelligence
- Security Configuration Review - Firewall, Switches, Router, Operating Systems and Servers
Certification Achieved:
- CREST Practitioner Security Analyst (CPSA)
- CREST Registered Penetration Tester (CRT)
- Offensive Security Certified Professional (OSCP)
- ISO 27001 Lead Auditor
- (ISC)2 Certified in CyberSecurity
- Information Security Certified Professional (ISCP)
- Cyber Security Foundation Professional Certificate (CSFPC)
- Certified AppSec Practitioner (CAP)
Achievements :
I got Appreciation Certificate from NCIIPC (Indian Government) for submitting few security issues. I attended private bugbounty programs organised by CCTNS (Crime and Criminal Tracking Network and Systems - Indian Government) and Bharti Airtel.
I helped to secure some companies such as Dell, DigitalOcean, StatusPage, Caviar, Western Union, UnderArmour, Arlo Cash Rewards, Kenna Security, Pantheon, Mailgun, Seek, Skyscanner, Fitbit, Overstock and more.
Steps for completing your project
After purchasing the project, send requirements so Harshit can start the project.
Delivery time starts when Harshit receives requirements from you.
Harshit works on your project following the steps below.
Revisions may occur after the delivery date.
Send a Questionnaire
It consists of some questions to understand your website.
Start doing Vulnerability Assessment & Penetration Testing
I'll find the security issues on your website.