You will get DAST / Web Application Penetration Testing with Detailed Report
Top Rated

Top Rated

Project details
I follow systematic approach and best industry methodology like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115; PCI DSS etc to perform penetration testing.
I am a Penetration Tester and an OSCP Professional Security Researcher having 3 years of hands-on experience in Vulnerability Assessment & Penetration Testing that includes Web App, API, Mobile App - Android & iOS, Network, Cloud Security Audits and Penetration Testing, Desktop/Thick client Application, Container Security, Security Configuration Review - Firewall, Switches, Router, OS and Server. I also helped to secure top 500 fortune organisations.
As a result of my previous engagements in vulnerability assessment & penetration testing and bug hunting, I excel at:
- Performing professional penetration testing, vulnerability management, and consultation.
- Preventing unauthorized access, and evaluating potential security risks.
- Creating high-quality Management and Technical reports.
I am a Penetration Tester and an OSCP Professional Security Researcher having 3 years of hands-on experience in Vulnerability Assessment & Penetration Testing that includes Web App, API, Mobile App - Android & iOS, Network, Cloud Security Audits and Penetration Testing, Desktop/Thick client Application, Container Security, Security Configuration Review - Firewall, Switches, Router, OS and Server. I also helped to secure top 500 fortune organisations.
As a result of my previous engagements in vulnerability assessment & penetration testing and bug hunting, I excel at:
- Performing professional penetration testing, vulnerability management, and consultation.
- Preventing unauthorized access, and evaluating potential security risks.
- Creating high-quality Management and Technical reports.
Cybersecurity Assessment Type
Penetration TestingCybersecurity Expertise
Data Protection, Audit, Risk AssessmentTechnology Type
Firewall, IaaS, Computer Network, Data Center, Database, Operating System, SaaS, Web Application, CRM, ERP, PaaSCybersecurity Regulation
CMMC, ISO, NIST Cybersecurity Framework, PCI DSS, SOC 2What's included
| Service Tiers |
Starter
$500
|
Standard
$1,200
|
Advanced
$1,500
|
|---|---|---|---|
| Delivery Time | 3 days | 7 days | 14 days |
Application Audit | |||
Project Plan | - | - | - |
Cost Estimation | - | - | - |
Optional add-ons
You can add these on the next page.
Fast Delivery
+$100 - $200
12 reviews
(12)
(0)
(0)
(0)
(0)
This project doesn't have any reviews.
LH
Lee H.
Jul 10, 2025
Database Assessment Security Review
4th time engaging with Harshit and this time is database assessment security review.
Clear instructions and straight to the point with the Pre-requisites messages required for this assessment.
Team member is able to provide the necessary pre-reqs items without any hiccup, and Harshit will execute accordingly
Clear instructions and straight to the point with the Pre-requisites messages required for this assessment.
Team member is able to provide the necessary pre-reqs items without any hiccup, and Harshit will execute accordingly
LH
Lee H.
Jun 25, 2025
Secure Source Code Review
Engaged Harshit for the third time (this time is Source Code Review), and onceagain delivered on time with high quality work that fully met the expectations.
Harshit's findings were thorough, and the proposed solutions were clearly detailed and actionable
Thank you once again Harshit!
Harshit's findings were thorough, and the proposed solutions were clearly detailed and actionable
Thank you once again Harshit!
LH
Lee H.
Jun 25, 2025
VAPT for 3 applications
Engaged for VAPT and delivered on time with quality!
LH
Lee H.
May 3, 2025
You will get Vulnerability Assessment & Penetration Testing/ Advanced VAPT with a report
Responsive and communicate well
LL
Linawaty L.
Nov 29, 2024
Pen Test a Redemption Site 2024
I would like to again commend on the excellent work of Harshit. This is the 3rd time we're engaging his service and we're happy with the quality, speed and delivery. That's the reason why we keep coming back to him. I would recommend him highly for those that require penetration testing for their website. Thank you very much , Harshit :)
About Harshit
OSCP & CREST Certified Pentester | Web, Cloud, AI & Mobile Security
100%
Job Success
Noida, India - 7:09 pm local time
I am an OSCP and CREST Registered Penetration Tester with 6+ years of experience. I don't just run automated scanners that miss critical flaws, I use a systematic, manual approach (OWASP, NIST) to think like a hacker and find vulnerabilities before malicious actors do.
🛡️ Why Clients Trust Me:
- Elite Certifications: OSCP, CREST (CRT & CPSA), ISO 27001 Lead Auditor, and (ISC)².
- Manual Intelligence: I go beyond automated tools. I perform deep logic-based testing to find complex vulnerabilities in Business Logic, API endpoints, and Smart Contracts.
- Clear Reporting: You receive a detailed report with Proof-of-Concept (PoC) screen captures, CVSS v4.0 risk scoring, and actionable remediation steps, not just technical jargon.
🛠️ My Security Services:
1. Web & Mobile Application Security (VAPT)
- Comprehensive testing for Web Apps, APIs, and Thick Clients.
- iOS & Android Security (Static & Dynamic Analysis).
2. Source Code Review & DevSecOps integration.
3. Cloud & Infrastructure Security
- AWS, Azure, GCP, and DigitalOcean configuration audits.
- Network VAPT, Container Security (Docker/K8s), and Firewall/Router hardening.
- Active Directory & Windows/Linux Server hardening.
4. Emerging Tech Security (AI & Blockchain)
- AI/LLM Security: Testing GenAI and Agentic AI models for prompt injection and jailbreaks.
- Blockchain: Smart Contract auditing and IoT/Hardware security.
✅ My 4-Step Engagement Process:
- Reconnaissance & Scanning: Using BurpSuite Pro, Nessus, custom scripts and other standard tools.
- Manual Exploitation: Verifying false positives and exploiting complex flaws.
- Reporting: Delivering a professional report with a management summary and technical fix guide.
- FREE Retest: I will verify your fixes at no extra cost to ensure the holes are truly plugged.
🏆 Notable Achievements:
- Acknowledged by NCIIPC (Government of India) for critical security submissions.
- Secured platforms for: Fitbit, Skyscanner, UnderArmour, Mailgun, and Bharti Airtel.
🛠️ Technical Skills:
- Vulnerability Assessment & Penetration Testing
- Web Application VAPT
- API VAPT
- AI/Gen AI/Agentic AI Security Testing
- Android & iOS Mobile ApplicationVAPT
- Network VAPT
- AWS/ Azure/ GCP/ DigitalOcean Cloud Security Audit and Penetration Testing
- Microsoft Office 365 Security Audit or Configuration Review
- Thick Client or Desktop Application VAPT
- Active Directory Security
- DevSecOps
- Container Security
- VoIP Penetration Testing/ Security Testing
- IoT/Hardware Security Testing
- Smart Contract Security Audit
- Threat Modeling
- Threat Intelligence
- Open Source Intelligence
- Security Configuration Review - Firewall, Switches, Router, Operating Systems and Servers
Contact me to discuss your scope. Let’s secure your assets today.
Steps for completing your project
After purchasing the project, send requirements so Harshit can start the project.
Delivery time starts when Harshit receives requirements from you.
Harshit works on your project following the steps below.
Revisions may occur after the delivery date.
Send a Questionnaire
It consists of some questions to understand your website.
Start doing Vulnerability Assessment & Penetration Testing
I'll find the security issues on your website.