I will do WordPress and API penetration testing
Sr Penetration Tester
About this service
OSCP+ certified penetration tester with 5+ years of offensive security experience. I provide comprehensive WordPress and API security assessments, including manual testing for OWASP Top 10 and OWASP API Top 10 vulnerabilities, authentication and authorization flaws, business logic issues, and misconfigurations, along with professional remediation guidance.
Testing application: Web application
Device: PC • Linux • Android mobile phone
FAQ
What do I need to provide before the penetration test starts?
You need to provide the target URL, scope of testing, test accounts (if applicable), and written authorization confirming that you own or have permission to test the application.
What types of vulnerabilities do you test for?
I test for OWASP Top 10 and OWASP API Top 10 vulnerabilities, including SQL Injection, XSS, IDOR/BOLA, authentication issues, authorization flaws, file upload vulnerabilities, security misconfigurations, and business logic flaws.
Do you perform manual testing or only use automated tools?
My assessments include both automated scanning and extensive manual penetration testing to identify vulnerabilities that automated tools often miss.
Will my website or API experience downtime during testing?
I perform testing carefully to minimize any impact on production systems. However, for critical environments, I recommend testing on a staging environment whenever possible.
What will I receive after the engagement?
You will receive a professional report containing an executive summary, technical findings, risk ratings, proof-of-concept screenshots, and actionable remediation recommendations.
Do you offer retesting after vulnerabilities are fixed?
Yes, retesting services are available as an additional gig extra to verify that identified vulnerabilities have been properly remediated.

