Browse categories
Explore
Fiverr Pro
English
$
USD
Looks Like This Service Is On Hold
I will perform an advanced web pentest and security audit
Vietnam
I speak Vietnamese, English
HTB Certified Pentester, CVE Vulnerability Researcher
Hi, I'm Canh Nguyen, a Certified Web Penetration Tester and Vulnerability Researcher. I hold the prestigious HTB Certified Web Exploitation Specialist (CWES), along with Cisco and Google certification...
About this Gig
Protect Your Web App with a Certified Penetration Tester!
Hello! I'm Canh Nguyen, a Cybersecurity Researcher holding the HTB Certified Web Exploitation Specialist (CWES), Cisco and Google certifications. I have a proven track record of deep manual auditing, including discovering a validated vulnerability (CVE-2026-31914).
Unlike gigs that rely on automated tools to deliver confusing junk reports, I specialize in Deep Manual Pentesting. I simulate real-world attacks to uncover logical flaws that scanners completely miss.
What I Test For (OWASP Top 10 & Beyond):
- SQL Injection (SQLi) & Cross-Site Scripting (XSS)
- Broken Access Control (IDOR) & Privilege Escalation
- Server-Side Request Forgery (SSRF) & CSRF
- Business Logic Flaws & API Leaks
- Security Misconfigurations
What You Will Receive:
- A commercial-grade, professionally written Vulnerability Report.
- Clear Proof of Concept (PoC) demonstrating how the exploit works.
- Actionable, code-level remediation guidance.
- Zero false positives (via manual verification).
I provide rigorous enterprise-level security auditing for SaaS, Web3 Apps, and e-commerce platforms.
️ IMPORTANT: Please message me before ordering to discuss your scope!
Testing application:
Web application
Device:
PC
•
Linux
My Portfolio
FAQ
Do you only use automated tools?
Absolutely not. While I use industry-standard tools for baseline scanning, the core value of my service is Deep Manual Testing to find complex, logic-based vulnerabilities that scanners miss.
What is your Penetration Testing methodology?
I combine automated OWASP Top 10 scanning with deep manual testing (white-box or black-box). I think like a real-world attacker to analyze your app's logic, then present the findings in a clear, commercial-grade report with actionable fixes.
What are your Qualifications?
I hold the prestigious HTB Certified Web Exploitation Specialist (CWES), along with Cisco Ethical Hacking and Google Cybersecurity certifications. I am also the credited researcher behind a validated vulnerability (CVE-2026-31914).
Will this test break my website?
No. I conduct safe, non-destructive testing designed to identify risks without disrupting your active users or corrupting your database.
Can you test authenticated areas (Login required)?
Yes! In fact, testing behind the login page is crucial. Please provide test credentials or a staging environment for the best results.
Can I see samples of the report you provide?
Certainly! Just send me a direct message, and I'll be happy to share a sanitized sample report with you so you know exactly what to expect.
Do you provide any other services?
Absolutely! Beyond penetration testing, I offer WordPress malware removal, WAF (Web Application Firewall) configuration, and security architecture consultation.
Can I ask questions not covered in the FAQ?
Of course! Feel free to message me with any additional questions or concerns you may have before placing an order. I am always happy to help.
