I will do penetration testing and audits
About this Gig
OWASP Top 10 Manual Assesment with Remediation
I will perform a manual web application security assessment and OWASP Top 10 report. not automated scans.
disclaimer:
"By ordering, you confirm you are the owner of this website/application or have explicit written authorization to have it tested for security vulnerabilities."
I am at Tryhackme top 20% ranking
SANS FOR610(in progress)
A sanitized sample report on my github: https://github.com/Sahilmir18/FUTURE_CS_01
My Blogging Website : https://sahilmir18.github.io/
Device:
Desktop
•
Laptop
•
Server
•
Mobile
•
Tablet
Operating system:
Windows
•
Linux
•
Unix
•
Android
•
Ubuntu
FAQ
Will testing damage or crash my website?
I use careful, controlled testing methods designed to identify vulnerabilities without disrupting your live site. However, for production environments, I recommend testing on a staging/clone if available. I'll discuss this with you before starting if it's a concern.
Will you keep my data/vulnerabilities confidential?
Yes. Everything discovered during testing is confidential and shared only with you. I'm happy to sign an NDA if required (let me know in advance).
Q: What exactly do you test?
I manually test for the OWASP Top 10 vulnerabilities — SQL Injection, Cross-Site Scripting (XSS), Broken Authentication, Security Misconfigurations, IDOR, CSRF, and more — depending on your package. I combine manual testing with automated tools for thorough coverage.
Do you need login credentials?
If your site has user accounts/login areas, providing test credentials allows me to test authenticated areas (often where the most serious bugs hide). If you'd rather not share real account credentials, I recommend creating a temporary test account for me.
What do I receive at the end?
A detailed PDF report including: each vulnerability found, severity rating (Critical/High/Medium/Low), step-by-step reproduction instructions, evidence (screenshots), business impact explanation, and remediation recommendations.
Can you also fix the vulnerabilities you find?
My focus is on identification and reporting, not remediation/development work. However, I can recommend specific fixes, and for select cases I may be able to assist with implementation — message me to discuss.

