Browse categories
Explore
Fiverr Pro
English
$
USD
I will perform manual API penetration testing and owasp API top 10 security audit
David pelumi
About this gig
Is your API leaking sensitive data?
I am David Pelumi, a results-driven Cybersecurity Expert specializing in offensive security and threat modeling. With specialized training from APISEC University and a proven track record of identifying critical risks for startups and global organizations, I provide the "attacker mindset" needed to secure your digital assets.
What I Specialize In:
API Security Testing (REST & JSON APIs)
Manual API Penetration Testing
OWASP API Top 10 Vulnerability Assessment
Broken Object Level Authorization (BOLA)
Broken Function Level Authorization (BFLA)
Authentication & Token Misconfigurations
Excessive Data Exposure
Rate Limiting & API Abuse Testing
Threat Modeling & Attack Path Analysis
Respect third-party rights
Please be aware that it is against Fiverr's policies for sellers to include themes, templates, or any other elements that infringe third-party rights or applicable laws in the delivered work. Read more about in our Guide to Responsible Digital Creation.
Get to know David pelumi
David pelumi
Web Application Maintainance and Security
- FromNigeria
- Member sinceJan 2026
Languages
English
Is your API leaking sensitive data or vulnerable to attackers?
I am an APISEC University–certified Cybersecurity Expert specializing in API security testing, penetration testing, and threat modeling.
I don't rely on automated scanners, I perform deep manual API testing to uncover business logic flaws and authorization vulnerabilities that real hackers exploit in production systems
What I Specialize In:
• API Security Testing (REST & JSON APIs)
• Manual API Penetration Testing
• OWASP API Top 10 Vulnerability Assessment
• Broken Object Level Authorization (BOLA)
•Rate Limiting ETC
FAQ
What do you need from me to start the API test?
o begin, I need the API endpoint URLs, the API documentation (such as a Swagger or Postman collection), and test account credentials for different user roles (e.g., Admin and User). If the API uses specific authentication methods like OAuth or API Keys, please provide those as well.
