You will get Web/Mobile Application Security Vulnerability and Penetration Testing

Hakimuddin G.Status: Offline
Hakimuddin G.
5.0
Top Rated

Let a pro handle the details

Buy Assessments & Penetration Testing services from Hakimuddin, priced and ready to go.
Hakimuddin G.Status: Offline
Hakimuddin G.
5.0
Top Rated

Let a pro handle the details

Buy Assessments & Penetration Testing services from Hakimuddin, priced and ready to go.

Project details

I can produce a professional security audit/test report with findings and recommendations which can help improve the security of website applications as well as it can be submitted to fulfill audit and compliance requirements. Moreover, I can provide a comparison report after discovered vulnerabilities are fixed and systems are reassessed. NDA can be signed to ensure information is not disclosed to any third party without permission.
Cybersecurity Assessment Type
Penetration Testing
Cybersecurity Expertise
Audit
Technology Type
Database, SaaS, Web Application, ERP
Cybersecurity Regulation
ISO, PCI DSS
What's included
Service Tiers Starter
$100
Standard
$300
Advanced
$500
Delivery Time 2 days 5 days 10 days
Application Audit
Project Plan
-
-
-
Cost Estimation
-
-
-
5.0
68 reviews
99% Complete
1% Complete
1% Complete
(0)
1% Complete
(0)
1% Complete
(0)

MA

Matthew A.
5.00
Jan 5, 2025
Call Hakimuddin was a god send to work with.

The best on Upwork I have spoken with too date.

Gave constructive and well articulated advice on our initial call.

LC

Luis C.
5.00
Nov 7, 2023
Pen test

DT

Doviana T.
5.00
Jun 30, 2022
Glasswall File Demo Creation Hakim did again a good job on helping our CTO with a project for our sales colleagues. He is highly recommended.

DT

Doviana T.
5.00
Feb 9, 2022
"Open Source Intelligence" analysis for files processed by Glasswall CDR engine Hakim did a great job on the project he was assigned. Very pleased with his deliverables. A+ freelancer.

SS

Susana S.
5.00
Oct 25, 2021
Security Assessment for Web Application Hakim is knowledgeable and professional and timely with his services.
Hakimuddin G.Status: Offline

About Hakimuddin

Hakimuddin G.Status: Offline
Cyber Security Expert | Ethical Hacker | Web & API Penetration Tester
100% Job Success
5.0  (68 reviews)
Safat, Kuwait - 3:26 am local time
I am a cybersecurity consultant specializing in advanced penetration testing for web applications and APIs, helping organizations identify and eliminate high-risk vulnerabilities that directly impact business security and compliance. My work focuses on real-world attack simulation, prioritizing exploitable flaws over theoretical findings.

I support engineering and security teams in strengthening application security posture through deep technical assessments aligned with OWASP Top 10, secure architecture validation, and attacker mindset analysis for critical systems.

I design and develop focused security assessment tools and lightweight vulnerability scanners that target real-world attack surfaces often missed by generic enterprise security platforms.

Most commercial scanners generate noise or miss critical, context-specific risks in platforms like Oracle EBS, SAP, and CMS-based systems. My approach is different — I build targeted scanners that identify real, exploitable issues with minimal false positives.

## PROFESSIONAL CYBERSECURITY SERVICES

Web Application Penetration Testing (OWASP Top 10 Compliance)
API Security Testing
DAST & SAST Security Assessments

Mobile Application Penetration Testing (iOS & Android)
Embedded & Thick Client Application Security Testing

Cloud Security Assessments (AWS, Azure, GCP)
IoT Device Security Testing
Wireless Network Penetration Testing
SCADA & Industrial Control Systems (ICS) Security Testing

Security Breach & Incident Investigations
Social Engineering Assessments
Red Team & Blue Team Simulations

GDPR Security Testing (Article 32 Compliance)

Pre-Acquisition Security Assessments
Security Posture Benchmarking & Peer Comparison

External Digital Footprint & Exposure Analysis
Continuous Security Risk Monitoring of Public Assets

Supplier & Third-Party Security Risk Assessment

## CORE COMPETENCIES

Web & SaaS Security Testing: SQLi, XSS, CSRF, IDOR, Authentication & Business Logic Vulnerabilities

Penetration Testing & Ethical Hacking: External/Internal, Wireless, Social Engineering

Vulnerability Assessment & Network Auditing: Risk identification, validation, prioritization, remediation

Cloud Security: AWS, Azure, GCP security assessments, misconfigurations, exposed assets

Incident Response & Threat Hunting: Forensics, breach investigation, attack path analysis

Compliance & Auditing: ISO 27001, NIST, PCI-DSS, GDPR, HIPAA, SOC 2

Application Security Testing: Mobile apps (iOS/Android), Chrome extensions, Salesforce apps, REST APIs

## OSINT & THREAT INTELLIGENCE

OSINT & Intelligence Gathering: Analysis of publicly available data for actionable security insights

Threat Hunting: Detection of IOCs, APT activity, and malicious behavior patterns

Incident Response Support: Breach analysis, containment guidance, and attack reconstruction

Digital Investigations: Threat actor profiling and digital footprint analysis

Dark Web Monitoring: Tracking leaked credentials, stolen data, and breach exposure

## VALUE-ADDED SERVICES

Security Reporting & Debriefing: Executive-ready reports with findings, impact analysis, and remediation guidance

Security Improvement Recommendations: Research-driven, actionable insights to strengthen security posture

Security Knowledge Transfer: Practical guidance and best practices for engineering and security teams

Custom Security Tool Development: Design and development of tailored security automation and assessment tools

Incident Response Support (24/7): Rapid response assistance for critical security incidents and breaches

##CERTIFICATIONS##

Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
ISO 27001 Lead Auditor
CompTIA Security+

## TECHNOLOGY EXPERTISE

Web & SaaS Security: Enterprise web apps, CMS, and API-based systems (REST/GraphQL)

Application Security: Laravel, Django, and modern backend architectures

Cloud Security: AWS, Azure, GCP, IAM, cloud-native environments

Network Security: Enterprise networks, firewalls, VPNs, segmentation (Cisco, Palo Alto, Fortinet)

E-Commerce & Enterprise Platforms: Shopify, Magento, and payment-integrated systems

Infrastructure & Hosting: cPanel, Plesk, WHMCS

## TOOLS & TECHNIQUES

Manual Security Testing: Web apps & APIs, authentication/MFA flaws, business logic vulnerabilities, XSS, SQLi, IDOR

Security Tools: Burp Suite, Kali Linux, Metasploit, Nessus, Qualys, Wireshark

Scripting & Automation: Python, Bash, PowerShell for security testing and tooling

Threat Intelligence: OSINT, MISP, Recorded Future, attack indicator analysis

Reverse Engineering & Malware Analysis: IDA Pro, Ghidra, Cuckoo Sandbox

Cloud Security Tools: AWS Inspector, Azure Security Center, GCP security scanners

Steps for completing your project

After purchasing the project, send requirements so Hakimuddin can start the project.

Delivery time starts when Hakimuddin receives requirements from you.

Hakimuddin works on your project following the steps below.

Revisions may occur after the delivery date.

Testing Phase

Enumeration Scanning Manual Testing Report preparation

Review the work, release payment, and leave feedback to Hakimuddin.