I will find business logic and account flow risks in your web app

Morocco

I speak English, Arabic, French

Security Analyst

Hi, I’m Yassine, a web security researcher focused on manual testing and real abuse paths, not just automated scans. I review login, session, account, password reset, access control, and payment flows...
About this Gig

Automated scanners find common issues, but they often miss dangerous logic flaws inside real user flows.


I manually review your web application for security weaknesses in login, signup, sessions, password reset, account settings, checkout, payment flows, and business logic paths.


Best for SaaS apps, ecommerce websites, marketplaces, dashboards, and platforms with user accounts or payments.


What I test:

  • Login and signup flaws
  • Session and account state issues
  • Password reset and email change weaknesses
  • Access control mistakes
  • Business logic abuse
  • Checkout and payment flow risks
  • Exposed sensitive data
  • OWASP Top 10 issues when relevant


You will receive:

  • Clear PDF report
  • Screenshots and evidence
  • Reproduction steps
  • High / Medium / Low risk rating
  • Simple impact explanation
  • Recommended fixes and priorities


My testing is manual, permission-based, non-destructive, and limited to the agreed scope.


Please contact me before ordering so we can define the target and flows to test.



Device:

Desktop

Laptop

Server

Operating system:

Linux

Ubuntu

My Portfolio