I will do web application penetration testing and security audit vapt


About this gig
An undetected security loophole can ruin your business and leak user data. As a Certified Ethical Hacker (CEH), I provide a professional web application penetration test (VAPT) to identify and help you patch critical flaws before malicious actors exploit them.
I perform manual deep-dives to uncover complex logic flaws, authorization bypasses, and data leaks that traditional automated scanners completely miss.
Testing Scope (OWASP Top 10):-
- Exploitation: Manual testing for SQLi, XSS, CSRF, IDOR, and RCE.
- Session Security: Broken authentication, cookie safety, and session hijacking.
- Business Logic: Price manipulation and administrative data bypass.
- Data Leakage: Exposed API keys and server-side information disclosure.
What You Receive:-
- VAPT Report: Executive summary and technical vulnerability breakdown classified by severity.
- Proof of Concept (PoC): Screenshots and exact steps to reproduce the vulnerabilities.
- Remediation Guide: Clear, actionable code-level instructions on how to patch the bugs.
Note: I only test with explicit written permission from the asset owner.
Secure your perimeter today!
Get to know Rayhan
Cybersecurity Specialist and Certified Ethical Hacker
- From: Bangladesh
- Member since: May 2025
- Avg. response time: 1 hour
Languages
English, Hindi, Bengali
FAQ
What do you need from me to begin the penetration test?
I require the target URL, explicit written permission to test the asset, and (if applicable) a set of testing credentials (test accounts) so I can audit the authenticated pages and user roles inside your application.
Will the penetration test cause any downtime or disrupt my live website?
No. I conduct my assessments safely using controlled, low-impact methods to ensure your application remains stable and operational. If you prefer, I can also conduct the entire test on a staging or development environment instead of your live production site.
What standard or framework do you follow during the assessment?
My testing methodology is strictly aligned with the OWASP (Open Web Application Security Project) Top 10 framework, combining automated mapping with deep manual exploration to guarantee thorough coverage of logical and structural flaws.
Do you directly patch the code or fix the vulnerabilities you find?
No, I don't modify code directly. I provide a detailed remediation report with clear instructions on how to patch every flaw. Writing patches for custom backends introduces legal liabilities and is best handled safely by your development team using my step-by-step blueprint guide.

