Deep, manual testing beyond scanners - auth flows, business logic, and chained issues.

• OWASP ASVS-informed coverage
• Auth/session, access control, logic flaws
• API & file upload abuse, RCE paths

Realistic perimeter attacks to map, prioritize and reduce your external risk.

• Attack surface enumeration
• Exposure & misconfiguration checks
• Credential & password hygiene tests

Human-first testing - phishing, pretexting and reporting to uplevel resilience.

• Phishing campaigns & training
• Pretext design & metrics
• Executive/privileged user focus

Targeted, manual review to catch vuln classes scanners miss.

• AuthZ logic, data flows
• Injection, deserialization, crypto
• PR review & dev handoff

If your product uses AI chat, copilots, or “ask your data” features - I test how attackers can make it leak data or take unsafe actions.

• Data leakage & privacy risks
• Bypassing rules, guardrails, and access limits
• Abuse testing (spam, cost spikes, unsafe outputs)

APIs are where real data lives. I test whether attackers can access other users’ data, bypass permissions, or abuse endpoints at scale.

• Broken access control & data exposure
• Authentication, tokens, and session weaknesses
• Rate limiting, business logic, and abuse paths