Browse categories
Explore
Fiverr Pro
English
$
USD
Looks Like This Service Is On Hold
I will perform professional web application penetration testing
India
I speak Hindi, English
Cybersecurity Consultant
Certified penetration tester with professional experience
has tested some of the biggest healthcare systems and national transportation
infrastructure.
What I test:
Web Applications — OWASP Top 10...
About this Gig
Is your web application really secure or just untested?
I'm Piyush, an OSCP, CEH, and CNPen certified penetration
tester. I currently work at a cybersecurity firm with
experience testing platforms for major UK healthcare and
national transportation organizations.
What you get:
Real manual testing, not just automated scanner output
OWASP Top 10, IDOR, authentication bypass, business
logic flaws, privilege escalation, API security
Clear report with CVSS scores, proof-of-concept
screenshots, and step-by-step remediation
Executive summary suitable for management and
compliance audits
Free re-test within 30 days to verify your fixes work
Tools I use: Burp Suite Pro, Nmap, SQLMap, Nikto,
BloodHound, Postman, and custom scripts.
Why this matters: 90% of cheap pen tests are just automated
scan dumps. I find the bugs scanners miss the ones
attackers actually exploit.
Before ordering:
- Share your target URL and application type
- Confirm you have written authorization to test
Need custom scope, multi-app testing, or an enterprise
engagement? Message me before ordering and I'll put
together a tailored quote.
Let's make your application harder to hack.
Testing application:
Website
Device:
Mac
•
Linux
FAQ
What's the difference between a vulnerability scan and a penetration test?
A scan finds known issues automatically. A penetration test combines automated tools with manual testing to find business logic flaws, chained vulnerabilities, and context-specific risks that scanners miss. My gigs include both.
Do I need to provide access credentials?
For black-box testing, no — I test as an external attacker would. For grey-box testing (recommended for full coverage), you'll provide test accounts for different user roles. I'll never access production data without approval.
Will the testing affect my live website?
I recommend testing on a staging environment when possible. If testing production, I use non-destructive techniques and coordinate with you on timing to avoid any business disruption.
How does the free re-test work?
After you fix the vulnerabilities in my report, I re-verify each finding within 30 days at no extra cost. You'll get an updated report confirming the fixes work — useful for compliance audits and peace of mind.
