Penetration Tester
Freelance Web, API & Android security testing for startups and product teams.
I find the vulnerabilities in your web apps, APIs, and Android applications
before attackers do — then hand you a clear, reproducible report your team can
act on fast. CRTP, CEH & CAP certified, with 4+ years hands-on.
(Yes, I break into apps for fun. Then I help you fix them. 😉)
Free, no-commitment scoping call · I usually reply within 24 hours.
Services
Manual, depth-first security testing — not just an automated scan. Every engagement ends with a risk-ranked report and practical remediation guidance. Not sure where to start? Begin with a free consultation.
Web Application Pentest
OWASP Top 10, broken access control, authentication and session flaws, business logic abuse, injection, SSRF and file-upload risks.
Learn more →API Penetration Testing
REST & GraphQL testing for BOLA/IDOR, broken authentication, mass assignment, rate-limit bypasses and excessive data exposure.
Learn more →Android App Pentest
Static & dynamic analysis, insecure storage, hardcoded secrets, SSL-pinning bypass and mobile backend/API abuse.
Learn more →Secure Code Review
Source-assisted review to catch high-impact flaws automated SAST misses — unsafe patterns, secrets, crypto misuse and logic bugs.
Learn more →Free 30-Min Consultation
A no-commitment call to review your setup, flag likely risks, and tell you honestly whether — and where — a pentest is worth it.
Start here →What You Get
A pentest is only as useful as its report. You get findings your developers can act on — not a raw scanner dump.
- Executive summary in plain business language
- Risk-ranked findings (CVSS / severity)
- Clear, reproducible steps for every issue
- Screenshots and request/response evidence
- Practical, developer-friendly remediation guidance
- A walkthrough call to discuss findings
- Free retest to confirm fixes (within scope)
- NDA and strictly authorized testing only
How I Work
A transparent, low-risk engagement from first call to verified fixes.
Scope
A free call to define targets, access, timelines and rules of engagement — then a clear proposal with transparent pricing.
Test
Manual, methodology-driven testing across auth, access control, business logic, APIs and the exposed attack surface. Critical issues flagged immediately.
Report
A risk-ranked report with reproduction steps, evidence, impact and remediation guidance — plus a walkthrough with your team.
Retest
After your team ships fixes, I verify them so you can confirm the issues are genuinely closed.
Run the Numbers
Two quick tools: ballpark what a pentest might cost for your scope, and see what a breach could cost you without one. Both are estimates — exact quotes come after a free 30-min call.
Estimate Your Pentest Cost
Adjust the inputs below. The real quote comes after a free scoping call where I understand your full setup.
Estimated range
Ballpark ±20% — actual quote depends on full scope. Book a free 30-min call for a precise number.
Get an Exact QuoteEstimate Your Breach Cost
See what a data breach could realistically cost your business — and whether a pentest is worth it by comparison.
Estimated breach cost
Illustrative estimate only — not financial or legal advice. Actual breach costs vary widely based on detection speed, response quality and legal jurisdiction. Sources: IBM Cost of a Data Breach 2024, CERT-In advisories.
A Pentest Costs a Fraction of a Breach →4+ Years Breaking Apps. Professionally.
From defensive SIEM monitoring to offensive penetration testing engagements — I've spent 4+ years learning exactly how attackers think and where defences fall short. I bring that perspective to every client pentest.
CRTP, CEH & CAP certified. Recognized by Google VRP, Tata Play, Sony LIV and Zivame for responsible vulnerability disclosures. I work with startups and product teams that need serious security testing — and I write reports your developers can actually act on.
Full Profile & Experience →Real Findings. Responsible Disclosures.
A sample of vulnerabilities found outside of client work and responsibly reported. Platform names are public record — technical details are sanitised. Full pentest reports available under NDA.
Rate-Limit Bypass
Google VRP
Uncovered a rate-limit bypass in a Google subsidiary's API enabling automated user enumeration without throttling — accepted by Google's security team as an abuse-risk finding.
Broken Access Control
Tata Play · Hall of Fame
Found a BAC vulnerability allowing unauthorised read access to customer account data. Responsibly reported — rewarded and included in the company's Hall of Fame.
Business Logic Bypass
Sony LIV · HackerOne
Identified a business logic flaw in the Android application enabling bypass of payment restrictions. Disclosed via HackerOne — resolved and recognised by the security team.
Subdomain Misconfiguration
Zivame · Hall of Fame
Discovered server misconfigurations across multiple subdomains exposing internal assets — responsibly disclosed, fixed, and included in the company's Hall of Fame.
Frequently Asked Questions
The questions clients ask most before an engagement.
How much does a pentest cost?
It depends on scope, but security testing shouldn't be priced out of reach for the teams that need it most. I've structured pricing to be accessible for startups and growth-stage teams — not just enterprises with six-figure budgets. Each service page has a transparent starting price, and the estimator above gives a quick ballpark. Still unsure? Reach out and I'll put together a custom scope.
What's the typical timeline?
Most web or API engagements take about 1–2 weeks from scoping to report, depending on complexity. You'll get a clear timeline in the proposal before any work starts.
What do I receive at the end?
A clear report: executive summary, risk-ranked findings with reproduction steps and evidence, business impact, and practical remediation guidance — plus a walkthrough call and a free retest of the fixes within scope.
Do you need access to source code?
Not necessarily. I offer black-box (no access) and grey-box (with credentials/docs) testing. Grey-box usually finds more in the same time — I'll recommend the best fit for your goals.
How do you handle sensitive data and confidentiality?
I sign an NDA before the engagement, test only what's authorized, and securely delete engagement data after report delivery. I can work within your security policies.
What if you don't find anything serious?
That's a good outcome — and rarer than you'd think. You still get a full report documenting what was tested and confirming your controls held up, which is useful evidence for customers, auditors and investors.
Contact
Ready to secure your apps before attackers test them for you? Tell me about your project and I'll reply within 24 hours with next steps, scope and transparent pricing — or start with a free 30-minute consultation.