I will fix auth, API and security bugs in your app


About this gig
Do you have a security warning, audit finding, scanner alert, or suspicious vulnerability in your web app or API?
I can help you review, reproduce, and fix specific security issues in your codebase.
I can help with:
- Broken access control
- IDOR issues
- API authorization bugs
- Authentication/session problems
- Unsafe file upload issues
- Path traversal risks
- SSRF risks
- Input validation problems
- GitHub / Snyk / Semgrep / CodeQL security alerts
- Basic security hardening for backend endpoints
What I provide:
- Code review of the affected area
- Explanation of the issue
- Safe patch or suggested fix
- Regression test when possible
- Clear technical notes on what was changed
Important:
This is not a full penetration test.
I do not perform illegal testing, social engineering, DDoS, brute force, phishing, or attacks on systems you do not own or control.
Please contact me before ordering so I can confirm the issue is within scope.
Get to know Alex Perrucci
Stripe Billing Reliability Specialist
- From: Italy
- Member since: Feb 2026
Languages
Italian, English
FAQ
Do you perform full penetration testing?
No. This gig is focused on reviewing and fixing specific security issues, scanner alerts, API bugs, or code-level vulnerabilities. It is not a full penetration test.
Can you fix GitHub, Snyk, Semgrep, or CodeQL security alerts?
Yes. I can review the alert, check if it is valid, explain the risk, and help fix it in your codebase when possible.
Do I need to contact you before ordering?
Yes, please contact me before placing an order. I need to confirm the issue, the tech stack, and whether the request is within scope.
What do you need from me?
Please provide the security warning, affected file or endpoint, tech stack, scanner output if available, and confirmation that you own or are authorized to test the application.
Do you test websites I do not own?
No. I only work on applications, codebases, or systems that you own or are authorized to test.
Can you fix authentication or API authorization bugs?
Yes. I can help with authentication issues, API authorization bugs, broken access control, IDOR-style issues, and related backend security problems.
Do you remove malware or clean hacked websites?
No. This gig does not include malware removal, blacklist removal, or WordPress cleanup. It focuses on code-level security bugs and scanner findings.
Will you guarantee my app is 100% secure?
No. No one can honestly guarantee that an app is 100% secure. I can review and fix specific issues within the agreed scope.
Do you provide a report?
Yes. I can provide a short explanation of the issue, what was changed, and recommended next steps.
Can you work without repository access?
Sometimes. If you provide the affected code, request/response examples, or scanner output, I may be able to help. For code fixes, repository access or relevant files are usually needed.
