I will pentest your web app

J
jacob_buczak
J
jacob_buczak
Jacob B
pentest your web app
Full Screen
pentest your web app

About this gig

Are you looking for a serious penetration test not an automated scan?

Im an ex-EY cybersecurity consultant with hands-on experience performing penetration tests in enterprise environment.

I will perform a comprehensive, manual penetration test of your web application or API, inspired by the OWASP Testing Guide and the workflow used by big4 consulting.


What you get:

Manual vulnerability discovery (not just automated tools)

Testing aligned with OWASP Top 10, OWASP Web Security Testing Guide, and industry best practices

A clear, professional report with:

  •  Executive summary
  •  Technical findings with severity
  •  Reproduction steps
  •  Proof of concepts
  •  Remediation guidance
  • Retesting after fixes (depending on package)
  • 100% confidentiality and NDA on request

Testing Coverage Includes

  • Authentication & authorization flaws
  • Business logic vulnerabilities
  • Injection (SQLi, NoSQLi, Command Injection, etc.)
  • API security (REST, GraphQL)
  • Access control (IDOR, broken access control)
  • File upload flaws
  • Session management issues
  • Server configuration weaknesses
  • Sensitive data exposure
  • Client-side vulnerabilities (XSS, CSRF, etc.)
  • Too many more to list with word limit

  • Platform

    • Other

  • Website type

    • E-Commerce store
    • Business
    • Blog
    • Saas
    • Other
Respect third-party rights

Please be aware that it is against Fiverr's policies for sellers to include themes, templates, or any other elements that infringe third-party rights or applicable laws in the delivered work. Read more about in our Guide to Responsible Digital Creation.

Get to know Jacob B

Jacob B
  • FromPoland
  • Member sinceNov 2025
  • Avg. response time2 hours

  • Languages

    English, Polish
I'm an ex-EY cybersecurity consultant and penetration tester. I found CVE 2025-20120 in Cisco Prime Infrastructure and EPNM products. I used to work in both offensive and defensive security for EY's clients including a Fortune 500 Europe company, including providing original OSINT research during major ransomware incident by a previously undocumented group. During my work as a pentester I found numerous vulnerabilities in applications used in government, finance, law, accounting and big corporate sectors. I have also implemented essential cybersecurity measures like backups, EDR and SIEM

Related tags