• Tailor-made offensive Software Development
    While boxed software is a perfectly viable solution for some business settings, companies often find themselves wishing for more power and flexibility from their offensive technology. Tailor-made offensive software solves a number of problems for these firms.
    I am experienced in creating unusual, unique tailor-made offensive tools for companies with uncommon requirements to aid their Pentesting/Red-Team Operation needs.

  • Web Application Penetration Testing
    Focused web application attack and penetration aiming to identify application layer flaws such as: Cross-Site Request Forgery (CSRF), Injection Flaws, Weak Session Management, Cross-Site Scripting (XSS), Insecure Direct Object References (IDOR) and many more.
    My method for application penetration testing covers the classes of vulnerabilities in the Open Web Application Security Project OWASP Top 10 2017, including but not limited to: Injection, Broken Authentication, Sensitive Data Exposure, XXE, Broken Access Control, Security Misconfigurations, XSS, Insecure Deserialization, using components with Known Vulnerabilities, and more.
    I offer web service testing, manipulating and fuzzing parameters found in the WSDL. These configuration files provide a structure for SOAP (Simple Object Access Protocol) requests which the web service accepts – and to which it responds.
    During a source code security review, i will manually analyze your application source code for security flaws.
    While web services have many unique components and risks, they can also contain many of the same vulnerabilities as typical application, such as SQL Injection.

  • Network Penetration Testing
    Focused network infrastructure penetration testing aiming to identify network and systemlevel flaws such as: Misconfigurations, Productspecific vulnerabilities, Wireless Network Vulnerabilities, Rogue Services, Weak Passwords and Protocols and many more.
    A network penetration test provides your organization with a unique birdseye view of your security system’s effectiveness. Newer companies may not yet have a handle on their network security. Conversely, more mature companies often have large, multi-faceted networks that easily overlooked elements - particularly as more organizations move to cloudbased systems. Both of these scenarios leave the potential for catastrophic breaches.
    In either case, you will be made aware of security flaws before attackers can exploit them. With this powerful foresight, business leaders will feel prepared to make informed decisions about their enterprise’s security. In demonstrating your newly hardened security posture, your clients, partners, and investors will feel confident in your ability to protect their assets, as well.

  • Mobile Penetration Testing
    In depth security test of mobile apps and devices (e.g., iOS, Android) Integrating both static and dynamic analysis, i test each mobile app at rest and during runtime to identify all vulnerabilities. This deep dive methodology also targets local vulnerabilities as well, such as insecure storage of credentials, Android backups including sensitive app data, etc.
    While i can decompile or reverse engineering the apps myself, more vulnerabilities can be identified through a full source code review of the application. By reviewing the app source code during the penetration test, even deeply buried vulnerabilities can be identified and mitigated.