Offerings
Services
These are intentionally timeboxed and outcome-focused. If you have a different constraint (deadline, compliance, limited access), we can tailor the scope.
Attack surface review (fast)
Identify exposed services, risky defaults, and high-leverage fixes. Ideal for new deployments and quick sanity checks.
- External footprint + DNS + endpoints
- Priority remediation list
- Short write-up (executive + technical)
Web app assessment
A practical, exploit-driven assessment to validate real-world impact and reduce the chance of “paper findings.”
- Auth/session and access control testing
- Input handling and business logic
- Repro steps + fix guidance
Security hardening sprint
Hands-on remediation support: configs, guardrails, and verification so changes stick.
- Baseline configs + secure defaults
- Logging/alerting recommendations
- Verification and regression checks
Engagement notes
Work is performed with explicit written authorization. I do not provide services intended for illegal access.