I will conduct security testing for your website
Penetration Tester
About this Gig
In this Basic Web Application Pentest package, I will perform a security assessment based on the current OWASP Top 10 vulnerabilities. The testing will be conducted using a complete black-box methodology, meaning no access to source code is required.
This package covers either one web domain or one API, with testing limited to up to 15 endpoints. Any additional domains, APIs, or endpoints will require an extra charge.
Testing is primarily manual, supported by limited automation where appropriate.
Upon completion, you will receive a professionally structured report detailing identified vulnerabilities, risk levels, proof of concept, and clear remediation guidance.
During the revision phase, vulnerabilities will be revalidated to confirm remediation status.
FAQ
Do you translate to my local language as well?
Yes, I will provide you a report in your own language if you request. Note : Translation will be done using google translate or AI.
Do you need access to my source code?
No. This package follows a black-box testing methodology, meaning I test your application as an external attacker without requiring source code access.
What do you need before starting the test?
I require: Written authorization to perform testing Target domain or API details (With proof of ownership or authorisation) Test user accounts (if authentication is required) Clear scope confirmation Testing will not begin without proper authorization.
Will testing affect my live website?
Testing is conducted carefully to avoid service disruption. However, minor performance impact may occur during active testing.
Do you provide a compliance certificate?
No. This gig provides a professional vulnerability assessment report, not an official compliance certification.
Will my data remain confidential?
Yes. All information shared during the engagement remains confidential and is not disclosed to any third party.

