I will review your web application code for security vulnerabilities

N
nalbarualexandr
N
nalbarualexandr
NamasteAlex

About this gig

Your web app is only as secure as its weakest endpoint.


I am an independent security researcher who reviews web application source code for the flaws that lead to breaches: broken access control and IDOR, SQL and command injection, stored and reflected XSS, authentication and session bypass, SSRF, and business logic errors that scanners never catch.


What you get:

  • A manual review of your routes, controllers, auth, and data access, mapped to the OWASP Top 10
  • - Every issue rated by severity, with the exact file, line, and how it is exploited
  • - A working proof of concept for real issues, not scanner false positives
  • - Concrete, framework specific fixes your team can apply right away
  • - A re review after you apply fixes (Standard and Premium)

Stacks: Node and Express, NestJS, Django, Flask, FastAPI, Laravel, and similar. Your code stays strictly confidential.


Message me with your repo before ordering and I will confirm scope and the right package.

Get to know NamasteAlex

NamasteAlex

Offensive security researcher, secure code review and Web3 audits

  • FromRomania
  • Member sinceOct 2017
  • Avg. response time1 hour
  • Languages

    English, Romanian
Offensive security researcher and bug-bounty hunter (HackerOne, Bugcrowd, Intigriti, YesWeHack) with validated High/Critical findings: broken access control (IDOR/BOLA), SSRF, authentication/OAuth, and cryptographic-implementation flaws. I do manual secure code review and smart-contract/Web3 audits - finding the exploitable bugs that scanners miss - and deliver clear, developer-ready reports with reproduction steps and fixes. Every finding is proven, not guessed. Send me your code or contract and let's lock it down.

My Portfolio

Other Software Development Services I Offer